Configuring an SSH/Web secret for the Branch_Office_01
FortiGate
To configure a secret:
- Go to Secrets > Secret List.
Alternatively, go to Public Folder in Secrets, select Open Tree, locate the Fabric-Devices folder created in Configuring a folder, and click Open Folder.
From the Create dropdown, select Secret, and skip to step 5.
The General tab opens.
- In Secrets List, select Create.
The Create New Secret in: dialog appears.
- Select the folder where you intend to add the secret.
In this case, the Fabric-Devices folder created in Configuring a folder
- Select Create Secret.
The General tab opens.
- In Name, enter
SSH_Branch_Office_01
for the SSH secret.When creating a web secret, enter
Web_Branch_Office_01
.As a convention, we define the web secrets with a prefix
Web_
and SSH secrets with a prefixSSH_
. - In Folder, ensure that the Fabric-Devices folder created in Configuring secret policy and folder is selected.
- In the Template dropdown, select FortiProduct (SSH Password) when creating the SSH secret.
FortiProduct (SSH Password) is a basic template for any Fortinet device SSH password account.
For the web secret, select Web Account from the Template dropdown.
Web Account is a basic template for any Fortinet device web-based account.
- In the Fields pane:
- For the SSH secret, in Host, enter the IP address of the
Branch_Office_01
FortiGate , i.e.,10.1.0.1
. - For the web secret, in URL, enter the URL for the
Branch_Office_01
FortiGate, i.e.,https://10.1.0.1
. - In Username, enter the username for the
Branch_Office_01
FortiGate. - In Password, enter a password for the
Branch_Office_01
FortiGate. - In the Confirm Password field that appears after the password is filled in, enter the password again.
- For the SSH secret, in Host, enter the IP address of the
- In the Secret Setting pane, note that the Session Recording option is enabled but grayed out. This is because the secret inherits settings from the IT-profile policy that applies to the Fabric Devices folder. See Configuring secret policy and folder.
- Switch to the Secret Permission tab.
Check that the Forti-Admin user group created in Configuring a user group has Edit permission.
- Click Submit.