System administration
Administrators options
FortiGate-100A Administration Guide
01-28007-0068-20041203
111
3
Type a login name for the administrator account.
4
Type and confirm a password for the administrator account.
5
Optionally type a Trusted Host IP address and netmask from which the administrator
can log into the web-based manager.
6
Select the access profile for the administrator.
7
Select OK.
Figure 41: Change an administrator password
To change an administrator password
1
Go to
System > Admin > Administrators
.
2
Select the Change Password icon next to the administrator account you want to
change the password for.
3
Enter and confirm the new password.
4
Select OK.
Using trusted hosts
Setting trusted hosts for all of your administrators increases the security of your
network by further restricting administrative access. In addition to knowing the
password, an administrator must connect only through the subnet or subnets you
specify. You can even restrict an administrator to a single IP address if you define only
one trusted host IP address with a netmask of 255.255.255.255.
When you set trusted hosts for all administrators, the FortiGate unit does not respond
to administrative access attempts from any other hosts. This provides the highest
security. If you leave even one administrator unrestricted, the unit accepts
administrative access attempts on any interface that has administrative access
enabled, potentially exposing the unit to attempts to gain unauthorized access.
The trusted hosts you define apply both to the web-based manager and to the CLI
when accessed through telnet or SSH. CLI access through the console connector is
not affected.
Access profiles
Go to
System > Admin > Access Profile
to add access profiles for FortiGate
administrators. Each administrator account belongs to an access profile. You can
create access profiles that deny access to or allow read only, write only, or both read
and write access to FortiGate features.
Summary of Contents for FortiGate 100A
Page 12: ...Contents 12 01 28007 0068 20041203 Fortinet Inc ...
Page 24: ...24 01 28007 0068 20041203 Fortinet Inc FortiLog documentation Introduction ...
Page 72: ...72 01 28007 0068 20041203 Fortinet Inc Transparent mode VLAN settings System network ...
Page 80: ...80 01 28007 0068 20041203 Fortinet Inc DHCP IP MAC binding settings System DHCP ...
Page 114: ...114 01 28007 0068 20041203 Fortinet Inc Access profile options System administration ...
Page 232: ...232 01 28007 0068 20041203 Fortinet Inc Profile CLI configuration Firewall ...
Page 244: ...244 01 28007 0068 20041203 Fortinet Inc peergrp Users and authentication ...
Page 276: ...276 01 28007 0068 20041203 Fortinet Inc ipsec vip VPN ...
Page 338: ...338 01 28007 0068 20041203 Fortinet Inc Configuring the banned word list Spam filter ...
Page 356: ...356 01 28007 0068 20041203 Fortinet Inc syslogd setting Log Report ...
Page 374: ...374 01 28007 0068 20041203 Fortinet Inc Index ...