Fortinet black logo

Deploying High Availability on Azure

Home FortiADC Public Cloud Deploying High Availability on Azure

Connecting to the FortiADC GUI and CLI

Connecting to the FortiADC GUI and CLI

After deploying the FortiADC HA resources on Azure, you will need to access the FortiADC to configure for the L7 or L4 virtual server scenario.

Obtaining the public IP address of the FortiADC-VMs

  1. Go to the Azure portal to manage your resource group. Search for and select Resource groups.
  2. Locate the resource group you have selected for the ARM template deployment and click the resource group name.
  3. Locate the FortiADC-VMs by the Resource Name Prefix you have defined in the ARM template parameters and click the name.
  4. In the Settings section, select Networking.
  5. Take note of the NIC Public IP.
To connect to the FortiADC web UI:
  1. Enter the FortiADC-VM's public IP address in a web browser's address field. For example, https://13.x.x.x.
    The HTTP access to the FortiADC GUI will be automatically redirected to HTTPS, so if you enter the HTTP port number (e.g., 80), it will be redirected to the HTTPS port (e.g., 443).
  2. Log in using the FAD Admin Username and FAD Admin Password that were specified during the ARM template deployment.
To connect to the FortiADC CLI via console:
  1. Go to the Azure portal to manage your resource group. Search for and select Resource groups.
  2. In the Support + troubleshooting section, select Serial console.
To connect to the FortiADC CLI via SSH:

Follow the steps below to connect to the FortiADC-VM for Azure using the PuTTY terminal emulation software.

  1. On your management computer, start PuTTY.
  2. To ensure that your configuration does not use environment variables that can interfere with the connection, in the Category tree, expand Connection, and then click Data. Remove any environment variables.
  3. Click Session. For the Host Name (or IP Address), enter the public IP address of the FortiADC-VM.
    For example, 13.x.x.x.
  4. In Port, type 22.
  5. For Connection type, select SSH.
  6. Click Open.
    The SSH client connects to the FortiADC appliance.
    The SSH client may display a warning if this is the first time you are connecting to the FortiADC appliance and its SSH key is not yet recognized by your SSH client, or if you have previously connected to the FortiADC appliance but it used a different IP address or SSH key.
  7. Click Yes to verify the fingerprint and accept the FortiADC appliance’s SSH key. You cannot log in until you accept the key.
    The CLI displays a login prompt.
  8. Enter the FAD Admin Username and FAD Admin Password that were specified during the ARM template deployment.

    If 3 incorrect login or password attempts occur in a row, FortiADC temporarily blacklists your IP address from the GUI and CLI. This action protects the appliance from brute force login attacks. Wait 1 minute, and then attempt the login again.


    The CLI displays a prompt, such as:
    FortiADC#

Managing the admin account

In its factory default configuration, FortiADC has one administrator account named admin. This administrator has permissions that grant full access to FortiADC’s features.

The account you have created in the VM basic settings is not the admin account. To use the admin account, you need to log in to FortiADC's CLI using the account you have created, then set the password for the admin account.

config system admin

edit "admin"

set password "P@ssw0rd"

next

end

The password for the admin account on Azure should not be empty.

Previous
Next

Connecting to the FortiADC GUI and CLI

After deploying the FortiADC HA resources on Azure, you will need to access the FortiADC to configure for the L7 or L4 virtual server scenario.

Obtaining the public IP address of the FortiADC-VMs

  1. Go to the Azure portal to manage your resource group. Search for and select Resource groups.
  2. Locate the resource group you have selected for the ARM template deployment and click the resource group name.
  3. Locate the FortiADC-VMs by the Resource Name Prefix you have defined in the ARM template parameters and click the name.
  4. In the Settings section, select Networking.
  5. Take note of the NIC Public IP.
To connect to the FortiADC web UI:
  1. Enter the FortiADC-VM's public IP address in a web browser's address field. For example, https://13.x.x.x.
    The HTTP access to the FortiADC GUI will be automatically redirected to HTTPS, so if you enter the HTTP port number (e.g., 80), it will be redirected to the HTTPS port (e.g., 443).
  2. Log in using the FAD Admin Username and FAD Admin Password that were specified during the ARM template deployment.
To connect to the FortiADC CLI via console:
  1. Go to the Azure portal to manage your resource group. Search for and select Resource groups.
  2. In the Support + troubleshooting section, select Serial console.
To connect to the FortiADC CLI via SSH:

Follow the steps below to connect to the FortiADC-VM for Azure using the PuTTY terminal emulation software.

  1. On your management computer, start PuTTY.
  2. To ensure that your configuration does not use environment variables that can interfere with the connection, in the Category tree, expand Connection, and then click Data. Remove any environment variables.
  3. Click Session. For the Host Name (or IP Address), enter the public IP address of the FortiADC-VM.
    For example, 13.x.x.x.
  4. In Port, type 22.
  5. For Connection type, select SSH.
  6. Click Open.
    The SSH client connects to the FortiADC appliance.
    The SSH client may display a warning if this is the first time you are connecting to the FortiADC appliance and its SSH key is not yet recognized by your SSH client, or if you have previously connected to the FortiADC appliance but it used a different IP address or SSH key.
  7. Click Yes to verify the fingerprint and accept the FortiADC appliance’s SSH key. You cannot log in until you accept the key.
    The CLI displays a login prompt.
  8. Enter the FAD Admin Username and FAD Admin Password that were specified during the ARM template deployment.

    If 3 incorrect login or password attempts occur in a row, FortiADC temporarily blacklists your IP address from the GUI and CLI. This action protects the appliance from brute force login attacks. Wait 1 minute, and then attempt the login again.


    The CLI displays a prompt, such as:
    FortiADC#

Managing the admin account

In its factory default configuration, FortiADC has one administrator account named admin. This administrator has permissions that grant full access to FortiADC’s features.

The account you have created in the VM basic settings is not the admin account. To use the admin account, you need to log in to FortiADC's CLI using the account you have created, then set the password for the admin account.

config system admin

edit "admin"

set password "P@ssw0rd"

next

end

The password for the admin account on Azure should not be empty.

Previous
Next