Hello.I have an issue about SMS token type and challenge.We use pi with otp,hotp,email token types without any error,it works quite well.But even if we configured SMS gateway correctly we couldn’t see SMS token type while we were selecting token type as challenge_response in policies.If we choose push token type instead sms token we will get a sms code which we enrolled SMS token to a user in AD but after getting code there weren’t seen a new section our fortigate ssl vpn program.What should i do? Is there SMS module missing in my version 3.11.3?or do i have to install smstoken.py ?if it is like that,how can i do that?i will be apprecated if someone help me about this issue?thanks
The SMS token is always a challenge response token.
You do not need to and can not set a challege_response policiy for SMS, since it is always challenge response.
Okay Cornelinux.Thanks for response,But i have an addional issue about sms gateway configration.Even i’ve set up SMS gateway,when i enroll a sms token to a LDAP user,i cannot see my smstoken gateway name in the combobox menu.Am i missing something while i was doing sms gateway configration?
Thank you
Best regards
The drop down box has two lines.
Do you have an invalid name, that can not be displayed in the UI? We do not know, because we do not know the name of your SMS gateway.
You need to set an admin / user policy sms_gateways with a space separated list of gateway names that the user is allowed to set.
1 Like
Hello again.Thank you for your responses Jelina and Cornelinux.After your suggestion i set an user policy which user can enroll a sms token ownself by choosing the smsgateway and after i tried to make vpn connection i saw an error in debug mode.Is it related smsgateway settings or do i miss something about configration?
I recommend following the usual way in the IT:
Look at the log file. The privacyidea.log will give you more information. So, noone needs to guess.
You can increase the log level to debug in the pi.cfg file.
Hello.SMS gateway works and sends sms after i typed username and password ,but it did not challenge. When I tried to login via fortigate ssl vpn by using sms code as password + sms code,i can login.But this is not that i wanted to.I’d like to do this connection just typing after user and password,and i want to type sms code into screen which comes after challenge..
Privacyidea.log file output is like this:
[2025-11-06 16:26:57,336][1399][139815984387648][WARNING][privacyidea.lib.smsprovider.HttpSMSProvider:214] failed to send sms. Reply {
“statusCode” : 200,
“statusDescription” : “OK”,
“message” : “1 rows inserted.”,
“columnNames” : null,
“numRows” : 0,
“data” : ,
“result” : null,
“elapsedTime” : 8,
“errors” :
} does not match the RETURN_SUCCESS definition
[2025-11-06 16:26:57,337][1399][139815984387648][WARNING][privacyidea.lib.tokens.smstoken:361] The PIN was correct, but the SMS could not be sent! (SMSError(error_id=200, description='We received>
[2025-11-06 16:27:12,708][1399][139815992780352][INFO][privacyidea.lib.user:271] user ‘f***a.c**ik’ found in resolver ‘k*lar’
[2025-11-06 16:27:12,708][1399][139815992780352][INFO][privacyidea.lib.user:273] userid resolved to ‘0630cfc3-6cd4-4b5a-a3e1-904cc3a04b30’
[2025-11-06 16:31:37,949][1399][139815959209536][ERROR][privacyidea.lib.machines.ldap:196] Error during fetching LDAP objects: IndexError(‘list index out
Maybe you should check your configuration of RETURN_SUCCESS.
You can increase the log level to debug as said before.
Hello again.On your recommendation, when I increased the log level in debug mode and examined the logs, I was getting the error in the relevant line every time(SMSError(error_id=200, description='We received a none success reply from the SMS Gateway: ) and then I left blank in RETURN_SUCCESS part then it worked. I appreciate your help and support. Thank you very much Cornelinux.
1 Like