IPsec PSK VPN with strongSwan to FortiGate with one-time-password(Fortitoken)
2 votes | 1 answer | 3938 views
So I am using strongSwan to connect to a remote FortiGate, since the native Fortinet VPN client does not support IPsec. I also have a hardware FortiToken 200 that provides an OTP.
My current config is the following:
**/etc/ipsec.conf**

```
conn my-config
    keyexchange=ikev1
    aggressive=yes
    ike=aes256-sha256-modp1536
    esp=aes256-sha1-modp1536
    right=remote_ip
    rightid=%any
    rightsubnet=0.0.0.0/0
    rightauth=psk
    leftsourceip=%config
    leftauth=psk
    leftauth2=xauth
    xauth_identity="username"
    auto=add
```
**/etc/ipsec.secrets**

```
remote_ip : PSK "passphrase_here"
username : XAUTH "password_here"
```
When I run:

```
> ipsec up my-config
initiating Aggressive Mode IKE_SA german to remote_ip
generating AGGRESSIVE request 0 [ SA KE No ID V V V V V ]
sending packet: from 10.0.2.15 to remote_ip (460 bytes)
received packet: from remote_ip to 10.0.2.15 (536 bytes)
parsed AGGRESSIVE response 0 [ SA KE No ID HASH V NAT-D NAT-D V V V V V ]
received NAT-T (RFC 3947) vendor ID
received DPD vendor ID
received XAuth vendor ID
received unknown vendor ID: 82:99:03:17:57:a3:60:82:c6:a6:21:de:00:00:00:00
received FRAGMENTATION vendor ID
received FRAGMENTATION vendor ID
selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1536
local host is behind NAT, sending keep alives
generating AGGRESSIVE request 0 [ HASH NAT-D NAT-D ]
sending packet: from 10.0.2.15 to remote_ip (140 bytes)
received packet: from remote_ip to 10.0.2.15 (92 bytes)
parsed TRANSACTION request 1581697690 [ HASH CPRQ(X_TYPE X_USER X_PWD) ]
no XAuth method found
generating TRANSACTION response 1581697690 [ HASH CP ]
sending packet: from 10.0.2.15 to remote_ip (76 bytes)
```
Obviously, it is necessary to edit the config somehow so that it prompts for the OTP at some point.

***The question is: how do I do it?***
Asked by fteox
(21 rep)
Nov 23, 2021, 03:48 PM
Last activity: Mar 29, 2022, 07:20 PM
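When debugging an exchange like the one above, it helps to pull the phase-1 outcome and the XAuth transaction out of charon's output mechanically rather than eyeballing it. The following is an added example (not code from the question or from strongSwan) that parses a constructed excerpt of the log shown in the post: it records the IKE mode, the selected proposal, NAT detection, which XAuth attributes the gateway requested in its CPRQ, and the local failure line, and flags aggressive mode as a defender's caveat because the IKEv1 aggressive-mode authentication hash is sent unencrypted.

```python
import re

# Constructed excerpt of the charon output from the question (placeholders kept as posted).
LOG = """\
initiating Aggressive Mode IKE_SA german to remote_ip
generating AGGRESSIVE request 0 [ SA KE No ID V V V V V ]
parsed AGGRESSIVE response 0 [ SA KE No ID HASH V NAT-D NAT-D V V V V V ]
received XAuth vendor ID
selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1536
local host is behind NAT, sending keep alives
parsed TRANSACTION request 1581697690 [ HASH CPRQ(X_TYPE X_USER X_PWD) ]
no XAuth method found
generating TRANSACTION response 1581697690 [ HASH CP ]
"""

PROPOSAL_RE = re.compile(r"selected proposal: IKE:(\S+)")
# Transaction id plus the attribute names the gateway asks for, e.g. X_TYPE X_USER X_PWD.
CPRQ_RE = re.compile(r"parsed TRANSACTION request (\d+) \[.*CPRQ\(([^)]*)\)")


def summarize(log: str) -> dict:
    """Extract phase-1 parameters and the XAuth exchange from charon log lines."""
    s = {"mode": None, "proposal": None, "nat": False, "xauth_offered": False,
         "transaction_id": None, "xauth_requested": [], "xauth_failure": None,
         "warnings": []}
    for line in log.splitlines():
        if "initiating Aggressive Mode" in line:
            s["mode"] = "aggressive"
        elif "initiating Main Mode" in line:
            s["mode"] = "main"
        elif m := PROPOSAL_RE.search(line):
            # strongSwan prints enc/integ/prf/dh separated by slashes.
            s["proposal"] = dict(zip(("enc", "integ", "prf", "dh"), m.group(1).split("/")))
        elif "behind NAT" in line:
            s["nat"] = True
        elif "received XAuth vendor ID" in line:
            s["xauth_offered"] = True
        elif m := CPRQ_RE.search(line):
            s["transaction_id"], s["xauth_requested"] = m.group(1), m.group(2).split()
        elif line.startswith("no XAuth"):
            s["xauth_failure"] = line  # charon could not load a client-side XAuth method
    if s["mode"] == "aggressive":
        s["warnings"].append("IKEv1 aggressive mode: the PSK-derived authentication hash "
                             "is sent unencrypted, so a captured exchange allows offline "
                             "guessing of the PSK; prefer main mode or IKEv2 where possible")
    return s


if __name__ == "__main__":
    for key, value in summarize(LOG).items():
        print(f"{key}: {value}")
```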