Fortinet black logo

Administration Guide

Home FortiProxy 7.0.0 Administration Guide
7.0.0
7.4.3
7.4.2
7.4.1
7.4.0
7.2.10
7.2.9
7.2.8
7.2.7
7.2.0
7.0.17
7.0.0
2.0.0
1.2.0
1.1.0
1.0.0

Settings

Settings

Use the system settings to configure general settings for administration access, password policies, system time settings, and display settings.

Go to System > Settings to configure system settings.

Configure the following settings and then select Apply:

System Settings

Host name

The host name of the FortiProxy unit. The only administrators that can change a host name are administrators whose admin profiles permit system configuration write access. If the FortiProxy unit is part of an HA cluster, you should use a unique host name to distinguish the FortiProxy unit from others in the cluster.

System Time

Current system time

The current time. By default, FortiProxy has the daylight savings time configuration enabled. The system time must be manually adjusted after daylight saving time ends.

Time Zone

Select the time zone of your FortiProxy unit.

Set Time

Select Synchronize with NTP Server or Manual settings.

Select server

If you select Synchronize with NTP Server, you can either use the default FortiGuard server or specify a custom server using the CLI.

Sync interval

If you select Synchronize with NTP Server, enter how often the FortiProxy time is synchronized with the NTP server. The value range is 1-1,440 minutes.

Date

If you select Manual settings, enter the date.

Hour

If you select Manual settings, enter the hour in 24-hour format.

Minute

If you select Manual settings, enter the number of minutes.

Second

If you select Manual settings, enter the number of seconds.

Setup device as local NTP server

Enable to identify a specific interface for this self-originating traffic. After you enable this option, select + in the Listen on Interfaces field and select one or more interfaces.

Administration Settings

HTTP port

Enter the TCP port to be used for administrative HTTP access. The default is 80.

Redirect to HTTPS

Enable Redirect to HTTPS to force redirection from HTTP to HTTPS.

HTTPS port

Enter the TCP port to be used for administrative HTTPS access. The default is 443.

HTTPS server certificate

Select Fortinet_Factory or search for a certificate.

SSH port

Enter the TCP port to be used for administrative SSH access. The default is 22.

Telnet port

Enter the TCP port to be used for administrative Telnet access. The default is 23.

Idle timeout

Change the time after which the GUI logs out idle system administration settings, from 1 to 480 minutes.

Allow concurrent sessions

Concurrent administrator sessions occur when multiple people concurrently access the FortiProxy unit using the same administrator account. This behavior is allowed by default.

Password Policy

Password Scope

Select Admin, IPsec, or Both to change the policy for the administrator password. Select Off to apply no policy for the administrator password

Minimum Length

If you select Admin, IPsec, or Both, set the minimum acceptable length for passwords, from 8 to 128 characters.

Character requirements

If you select Admin, IPsec, or Both, select to enable special character types, upper or lower case letters, or numbers.

Enter information for one or all of the following. Each selected type must occur at least once in the password.

  • Upper case—A, B, C, ... Z

  • Lower case—a, b, c, ... z

  • Numbers (0-9)—0, 1, 2, ... 9

  • Special—@, ?, #, ... %

Allow password reuse

If you select Admin, you can select this option to allow passwords to be reused.

Password expiration

If you select Admin, IPsec, or Both, you can require administrators to change the password after a specified number of days. Enter the number of days in the field. The default is 90 days.

View Settings

Language

The language the GUI uses: English, French, Spanish, Portuguese, Japanese, Traditional Chinese, Simplified Chinese, or Korean.

You should select the language that the operating system of the management computer uses.

Lines per page

Number of lines per page to display in table lists. The range is from 20 to 1000; the default is 50.

Defining the password policy with a minimum character change

Administrators can set a minimum number of unique characters in the new password that do not exist in the old password. This setting overrides the password reuse option if both are enabled.

To configure the password policy in the GUI:

  1. Go to System > Settings and navigate to the Password Policy section.

  2. For Password scope, select Admin.

  3. Enter a value for Minimum number of new characters.

  4. Click Apply.

To configure the password policy in the CLI:
config system password-policy
    set status enable
    set min-change-characters <0-128>
end
Previous
Next

Settings

Use the system settings to configure general settings for administration access, password policies, system time settings, and display settings.

Go to System > Settings to configure system settings.

Configure the following settings and then select Apply:

System Settings

Host name

The host name of the FortiProxy unit. The only administrators that can change a host name are administrators whose admin profiles permit system configuration write access. If the FortiProxy unit is part of an HA cluster, you should use a unique host name to distinguish the FortiProxy unit from others in the cluster.

System Time

Current system time

The current time. By default, FortiProxy has the daylight savings time configuration enabled. The system time must be manually adjusted after daylight saving time ends.

Time Zone

Select the time zone of your FortiProxy unit.

Set Time

Select Synchronize with NTP Server or Manual settings.

Select server

If you select Synchronize with NTP Server, you can either use the default FortiGuard server or specify a custom server using the CLI.

Sync interval

If you select Synchronize with NTP Server, enter how often the FortiProxy time is synchronized with the NTP server. The value range is 1-1,440 minutes.

Date

If you select Manual settings, enter the date.

Hour

If you select Manual settings, enter the hour in 24-hour format.

Minute

If you select Manual settings, enter the number of minutes.

Second

If you select Manual settings, enter the number of seconds.

Setup device as local NTP server

Enable to identify a specific interface for this self-originating traffic. After you enable this option, select + in the Listen on Interfaces field and select one or more interfaces.

Administration Settings

HTTP port

Enter the TCP port to be used for administrative HTTP access. The default is 80.

Redirect to HTTPS

Enable Redirect to HTTPS to force redirection from HTTP to HTTPS.

HTTPS port

Enter the TCP port to be used for administrative HTTPS access. The default is 443.

HTTPS server certificate

Select Fortinet_Factory or search for a certificate.

SSH port

Enter the TCP port to be used for administrative SSH access. The default is 22.

Telnet port

Enter the TCP port to be used for administrative Telnet access. The default is 23.

Idle timeout

Change the time after which the GUI logs out idle system administration settings, from 1 to 480 minutes.

Allow concurrent sessions

Concurrent administrator sessions occur when multiple people concurrently access the FortiProxy unit using the same administrator account. This behavior is allowed by default.

Password Policy

Password Scope

Select Admin, IPsec, or Both to change the policy for the administrator password. Select Off to apply no policy for the administrator password

Minimum Length

If you select Admin, IPsec, or Both, set the minimum acceptable length for passwords, from 8 to 128 characters.

Character requirements

If you select Admin, IPsec, or Both, select to enable special character types, upper or lower case letters, or numbers.

Enter information for one or all of the following. Each selected type must occur at least once in the password.

  • Upper case—A, B, C, ... Z

  • Lower case—a, b, c, ... z

  • Numbers (0-9)—0, 1, 2, ... 9

  • Special—@, ?, #, ... %

Allow password reuse

If you select Admin, you can select this option to allow passwords to be reused.

Password expiration

If you select Admin, IPsec, or Both, you can require administrators to change the password after a specified number of days. Enter the number of days in the field. The default is 90 days.

View Settings

Language

The language the GUI uses: English, French, Spanish, Portuguese, Japanese, Traditional Chinese, Simplified Chinese, or Korean.

You should select the language that the operating system of the management computer uses.

Lines per page

Number of lines per page to display in table lists. The range is from 20 to 1000; the default is 50.

Defining the password policy with a minimum character change

Administrators can set a minimum number of unique characters in the new password that do not exist in the old password. This setting overrides the password reuse option if both are enabled.

To configure the password policy in the GUI:

  1. Go to System > Settings and navigate to the Password Policy section.

  2. For Password scope, select Admin.

  3. Enter a value for Minimum number of new characters.

  4. Click Apply.

To configure the password policy in the CLI:
config system password-policy
    set status enable
    set min-change-characters <0-128>
end
Previous
Next