System Admin
Administrators
FortiGate Version 4.0 Administration Guide
01-400-89802-20090424
213
•
Figure 109: Administrator account configuration - PKI authentication
Administrator
Enter the login name for the administrator account.
The name of the administrator should not contain the characters
<>()#"'
.
Using these characters in the administrator account name can result in a cross
site scripting (XSS) vulnerability.
Type
Select the type of administrator account:
Regular
Select to create a Local administrator account. For more information, see
“Configuring regular (password) authentication for administrators” on
page 214
Remote
Select to authenticate the administrator using a RADIUS, LDAP, or
server. Server authentication for administrators must be configured first. For
more information, see
“Configuring remote authentication for administrators”
.
PKI
Select to enable certificate-based authentication for the administrator. Only
one administrator can be logged in with PKI authentication enabled. For more
information, see
“Configuring PKI certificate authentication for administrators”
.
User Group
Select the administrator user group that includes the Remote server/PKI
(peer) users as members of the
User Group
. The administrator user group
cannot be deleted once the group is selected for authentication.
This is available only if
Type
is
Remote
or
PKI
.
Wildcard
Select to allow all accounts on the RADIUS, LDAP, or server to be
administrators.
This is available only if
Type
is
Remote
. Only one wildcard user is permitted
per VDOM.
Password
Enter a password for the administrator account. For improved security, the
password should be at least 6 characters long.
This is not available if
Wildcard
is selected or when
Type
is
PKI
.
See the Fortinet Knowledge Center article
if you forget or lose an administrator account password
and cannot log in to your FortiGate unit.
Confirm Password
Type the password for the administrator account a second time to confirm that
you have typed it correctly.
This is not available if
Wildcard
is selected or when PKI authentication is
selected.
Trusted Host #1
Trusted Host #2
Trusted Host #3
Enter the trusted host IP address and netmask that administrator login is
restricted to on the FortiGate unit. You can specify up to three trusted hosts.
These addresses all default to 0.0.0.0/0 or 0.0.0.0/0.0.0.0.
For more information, see
“Using trusted hosts” on page 221
Admin Profile
Select the admin profile for the administrator. You can also select
Create
New
to create a new admin profile. For more information on admin profiles, see
Summary of Contents for Gate 60D
Page 705: ...www fortinet com...
Page 706: ...www fortinet com...