Fortinet black logo

Administration Guide

Interfaces

Interfaces

To view the interface list, go to System > Network > Interfaces.

The following information is shown:

Edit

Select to edit the selected interface.

Search

Enter a search term in the search text box then select Search to search the interface list.

Interface

The names of the physical interfaces on your FortiAuthenticator unit. The name, including number, of a physical interface depends on the model.

IPv4

The IPv4 address of the interface.

IPv6

The IPv6 address of the interface, if applicable.

Link status

The link status of the interface.

To edit an interface:
  1. In the interfaces list, select the interface you need to edit and select the Edit button, or select the interface name. The Edit Network Interface window opens.
  2. Edit the following settings as required.
    InterfaceThe interface name is displayed.

    Status

    The interface's current link status is displayed.

    IP Address / Netmask
    IPv4Enter the IPv4 address and netmask associated with this interface.
    IPv6Enter the IPv6 address associated with this interface.
    Access Rights
    Admin access

    Select the allowed administrative service protocols from: Telnet, SSH, HTTPS, HTTP (GUI), and SNMP.

    When HTTPS is enabled, you can also specify GUI (/login), REST API (/api), and/or Fabric (/api/vi/fabric) access.

    Services

    Select the allowed services from: HTTPS, HTTP, RADIUS Accounting Monitor, RADIUS Auth, RADUS Accounting SSO, RADSEC, TACACS+ Auth, LDAP, LDAPS, FortiGate FSSO, OCSP, FortiClient FSSO, Hierarchical FSSO, DC/TS Agent FSSO, Syslog, and/or Syslog over TLS (TCP/6514).

    When HTTPS is enabled, you can also specify Self-service Portal (/login),Guest Portals (/guests), SAML IdP (/saml-idp), SAML SP SSO (/saml-sp, /login/saml-auth), Kerberos SSO (/login/kerb-auth), SCEP (/cert/scep), CRL Downloads (/cert/crl), FortiToken Mobile API (/api/v1/pushauthresp, /api/v1/transfertoken), and/or OAuth Service API (/api/v1/oauth) access.

    When HTTP is enabled, you can also specify SCEP (/app/cert/scep/), CRL Downloads (/app/cert/crl/), SAML IdP (/saml-idp/), and/or Kerberos SSO (/login/kerb-auth) access.

    Note that Syslog is only available if Syslog SSO has been enabled. See General settings for more information.

  3. Select OK to apply the edits to the network interface.

Interfaces

To view the interface list, go to System > Network > Interfaces.

The following information is shown:

Edit

Select to edit the selected interface.

Search

Enter a search term in the search text box then select Search to search the interface list.

Interface

The names of the physical interfaces on your FortiAuthenticator unit. The name, including number, of a physical interface depends on the model.

IPv4

The IPv4 address of the interface.

IPv6

The IPv6 address of the interface, if applicable.

Link status

The link status of the interface.

To edit an interface:
  1. In the interfaces list, select the interface you need to edit and select the Edit button, or select the interface name. The Edit Network Interface window opens.
  2. Edit the following settings as required.
    InterfaceThe interface name is displayed.

    Status

    The interface's current link status is displayed.

    IP Address / Netmask
    IPv4Enter the IPv4 address and netmask associated with this interface.
    IPv6Enter the IPv6 address associated with this interface.
    Access Rights
    Admin access

    Select the allowed administrative service protocols from: Telnet, SSH, HTTPS, HTTP (GUI), and SNMP.

    When HTTPS is enabled, you can also specify GUI (/login), REST API (/api), and/or Fabric (/api/vi/fabric) access.

    Services

    Select the allowed services from: HTTPS, HTTP, RADIUS Accounting Monitor, RADIUS Auth, RADUS Accounting SSO, RADSEC, TACACS+ Auth, LDAP, LDAPS, FortiGate FSSO, OCSP, FortiClient FSSO, Hierarchical FSSO, DC/TS Agent FSSO, Syslog, and/or Syslog over TLS (TCP/6514).

    When HTTPS is enabled, you can also specify Self-service Portal (/login),Guest Portals (/guests), SAML IdP (/saml-idp), SAML SP SSO (/saml-sp, /login/saml-auth), Kerberos SSO (/login/kerb-auth), SCEP (/cert/scep), CRL Downloads (/cert/crl), FortiToken Mobile API (/api/v1/pushauthresp, /api/v1/transfertoken), and/or OAuth Service API (/api/v1/oauth) access.

    When HTTP is enabled, you can also specify SCEP (/app/cert/scep/), CRL Downloads (/app/cert/crl/), SAML IdP (/saml-idp/), and/or Kerberos SSO (/login/kerb-auth) access.

    Note that Syslog is only available if Syslog SSO has been enabled. See General settings for more information.

  3. Select OK to apply the edits to the network interface.