System Admin Administrators
FortiGate Version 4.0 MR1 Administration Guide
01-410-89802-20090903 271
http://docs.fortinet.com/
Figure 122: Administrator account configuration - PKI authentication
Administrator
    Enter the login name for the administrator account.
    The administrator name should not contain the characters <>()#"'. Using these characters in the administrator account name can result in a cross-site scripting (XSS) vulnerability.

Type
    Select the type of administrator account:

    Regular
        Select to create a Local administrator account. For more information, see “Configuring regular (password) authentication for administrators” on page 272.

    Remote
        Select to authenticate the administrator using a RADIUS, LDAP, or TACACS+ server. Server authentication for administrators must be configured first. For more information, see “Configuring remote authentication for administrators” on page 272.

    PKI
        Select to enable certificate-based authentication for the administrator. Only one administrator can be logged in with PKI authentication enabled. For more information, see “Configuring PKI certificate authentication for administrators” on page 278.

User Group
    Select the administrator user group that includes the Remote server/PKI (peer) users as members of the User Group. The administrator user group cannot be deleted once the group is selected for authentication.
    This is available only if Type is Remote or PKI.

Wildcard
    Select to allow all accounts on the RADIUS, LDAP, or TACACS+ server to be administrators.
    This is available only if Type is Remote. Only one wildcard user is permitted per VDOM.

Password
    Enter a password for the administrator account. For improved security, the password should be at least 6 characters long.
    This is not available if Wildcard is selected or when Type is PKI.
    See the Fortinet Knowledge Center article Recovering lost administrator account passwords if you forget or lose an administrator account password and cannot log in to your FortiGate unit.

Confirm Password
    Type the password for the administrator account a second time to confirm that you have typed it correctly.
    This is not available if Wildcard is selected or when PKI authentication is selected.

Trusted Host #1, Trusted Host #2, Trusted Host #3
    Enter the IP address and netmask of a trusted host that administrator login is restricted to on the FortiGate unit. You can specify up to three trusted hosts. These addresses all default to 0.0.0.0/0 or 0.0.0.0/0.0.0.0.
    For more information, see “Using trusted hosts” on page 280.
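
The field rules above can be checked before an account is created. The following is an added example, not part of the Fortinet guide or any FortiGate tool: the dictionary layout, function names and sample accounts are assumptions made for illustration.

```python
import ipaddress

FORBIDDEN = set("<>()#\"'")  # characters the guide keeps out of administrator names

def validate_admin(acct):
    """Check one proposed account (hypothetical dict layout) against the field rules."""
    findings = []
    bad = "".join(sorted(FORBIDDEN & set(acct["name"])))
    if bad:
        findings.append(f"name contains XSS-prone characters: {bad}")
    wildcard = acct.get("wildcard", False)
    if wildcard and acct["type"] != "Remote":
        findings.append("Wildcard is available only if Type is Remote")
    if acct.get("user_group") and acct["type"] not in ("Remote", "PKI"):
        findings.append("User Group is available only if Type is Remote or PKI")
    # Password is not available for PKI accounts or when Wildcard is selected.
    if acct["type"] != "PKI" and not wildcard and len(acct.get("password", "")) < 6:
        findings.append("password is shorter than 6 characters")
    hosts = acct.get("trusted_hosts") or ["0.0.0.0/0"]  # the documented default
    if len(hosts) > 3:
        findings.append("more than three trusted hosts")
    # ip_network() accepts both the /0 and the /0.0.0.0 netmask notation.
    if any(ipaddress.ip_network(h, strict=False).prefixlen == 0 for h in hosts):
        findings.append("a trusted host entry matches every address")
    return findings

def validate_all(accounts):
    """Per-account findings plus the one-wildcard-per-VDOM rule across accounts."""
    report = {a["name"]: validate_admin(a) for a in accounts}
    by_vdom = {}
    for a in accounts:
        if a.get("wildcard"):
            by_vdom.setdefault(a["vdom"], []).append(a["name"])
    for vdom, names in by_vdom.items():
        for name in names[1:]:
            report[name].append(f"VDOM {vdom} already has a wildcard administrator")
    return report

# Constructed sample accounts (documentation address ranges, made-up names).
SAMPLE = [
    {"name": "ops-admin", "type": "Regular", "password": "c0rrect-horse",
     "trusted_hosts": ["192.0.2.0/255.255.255.0"]},
    {"name": "bob<script>", "type": "Regular", "password": "abc",
     "trusted_hosts": ["0.0.0.0/0.0.0.0"]},
    {"name": "radius-any", "type": "Remote", "wildcard": True, "vdom": "root",
     "user_group": "radius-admins", "trusted_hosts": ["198.51.100.0/24"]},
    {"name": "ldap-any", "type": "Remote", "wildcard": True, "vdom": "root",
     "user_group": "ldap-admins", "trusted_hosts": ["198.51.100.0/24"]},
]

if __name__ == "__main__":
    for name, findings in validate_all(SAMPLE).items():
        print(name, findings or "ok")
```

An account left with the default trusted host values is reported because 0.0.0.0/0 covers every IPv4 address, so it places no restriction on where the administrator can log in from.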