In this recipe, you will complete these following basic administrative tasks to get a newly installed FortiGate ready for use:
1. Register your FortiGate with a Fortinet Support account.
2. Set the system time.
3. Create a new administrator and edit the default account.
4. Restrict administrative access to a trusted host (optional).
1. Registering your FortiGate
You must register your FortiGate to receive firmware upgrades, FortiGuard updates, and access to Fortinet Support.
Before you register your FortiGate, it must be connected to the Internet.
Connect to your FortiGate. A message appears that states that FortiCare registration is required. Select Register Now.
If you have a Fortinet Support account, set Action to Login. If you need to create an account, set Action to Create Account.
To allow Fortinet Support to keep a complete list of your devices, you should use one account to register all of your Fortinet products.
Go to System > FortiGuard. In License Information, FortiCare Support appears as Registered.
Your other FortiGuard licenses now show as licensed. There may be a delay before all of them appear as licensed.
2. Setting the system time
Go to System > Settings. Under System Time, select your Time Zone and either set the time manually or select Synchronize with NTP Server.
Current system time displays the correct time.
3. Creating a new administrator and editing the default account
Go to System > Administrators and create a new account. Set User Name and Password.
Set Administrator Profile to super_admin. This profile allows the administrator full access to configure the FortiGate.
Log out of the FortiGate and log in using your new account.
To secure your FortiGate, it’s recommended that you change the name and password of the default admin account.
Go to System > Administrators and edit the default account. Change the User Name.
Select Change Password to add a password to this account.
4. Results
Attempt to log in using the original credentials for the default account. Access is denied.
Log in using the new credentials for the default account. Access is granted.
Go to Log & Report > System Events. You can see the successful and failed login attempts in the events list.
5. Restricting administrative access to a trusted host (optional)
You can configure an administrative account to be accessible only to someone who is using a trusted host. You can set a specific IP address for the trusted host or use a subnet.
Go to System > Administrators and edit the default admin account.
Enable Restrict login to trusted hosts. Set Trusted Host 1 to the static IP address of the computer you use to administer the FortiGate.
If required, set additional trusted hosts.