Connecting to the master FortiGate-VM instance
To connect to the master FortiGate-VM instance, you will need:
- a login URL
- a username (admin)
- a password (the InstanceID of the master FortiGate-VM instance)
Deployments with both BYOL and On-Demand instances, also need the scalingGroupName of the master FortiGate-VM. This name is listed in the master record. For details on how to locate the master record, refer to the end of the section Verifying the deployment.
The initial password for all FortiGate-VM instances is the instanceID of the master FortiGate-VM. This instanceID is stored in the master record and in the DynamoDB table <ResourceTagPrefix>-Settings.
For details on how to locate the master record, refer to the end of the section Verifying the deployment.
For details on locating the DynamoDB table <ResourceTagPrefix>-Settings, refer to the section Locating deployed resources.
As the master FortiGate-VM propagates the password to all secondary FortiGate-VM instances, this is the initial password for all FortiGate-VM instances.
You will need this initial password if failover occurs prior to the password being changed, as the newly elected master FortiGate-VM will still have the initial password of the previous master.
To construct the login URL of the master FortiGate-VM instance:
- Look up the Auto Scaling group(s) as described in steps 6-8 of the ASG portion of the section Verifying the deployment.
- Select the Auto Scaling group that contains the master instance. If you have more than one instance type, two groups will be listed. The group containing the master instance is the group with the scalingGroupName listed in the master record.
- In the lower pane, select the Instances tab and then click the master instance. This is the instance with the instanceID you obtained in the section To obtain the password:.
- Make note of the IPv4 Public IP in the lower pane.
- Construct a login URL in this way: https://<IPAddress>:<Port>/, where:
- IPAddress refers to the IPv4 Public IP of the FortiGate-VM.
- Port refers to the Admin port specified in the section FortiGate-VM configuration.
To connect to the master FortiGate-VM instance:
- Open an HTTPS session in your browser and go to the login URL.
- Your browser will display a certificate error message. This is normal because the default FortiGate certificate is self-signed and not recognized by browsers. Proceed past this error. At a later time, you can upload a publicly signed certificate to avoid this error.
- Log into the master FortiGate-VM instance with the username admin and the instanceID you obtained in the section To obtain the password:.
- You are prompted to change the default password at the first-time login. It is recommended that you do so at this time.
You should only change the password on the master FortiGate-VM instance. The master FortiGate-VM instance will propagate the password to all slave FortiGate-VMs. Any attempt to change the password on a slave FortiGate-VM is overwritten with the master FortiGate-VM's password.
- You will now see the FortiGate-VM dashboard. The information displayed in the license widget of the dashboard depends on your license type.
Follow the same steps to log into any other FortiGate-VM in the Auto Scaling group(s) as needed.