Global administration settings
The administration settings page provides options for configuring global settings for administrator access to the FortiManager device. Settings include:
- Ports for HTTPS and HTTP administrative access
To improve security, you can change the default port configurations for administrative connections to the FortiManager. When connecting to the FortiManager unit when the port has changed, the port must be included, such as
https://<ip_address>:<port>
. For example, if you are connecting to the FortiManager unit using port 8080, the URL would behttps://192.168.1.99:8080
. When you change to the default port number for HTTP, HTTPS, or SSH, ensure that the port number is unique. - Idle timeout settings
By default, the GUI disconnects administrative sessions if no activity occurs for five minutes. This prevents someone from using the GUI if the management computer is left unattended.
- GUI language
The language the GUI uses. For best results, you should select the language used by the management computer.
- GUI theme
The default color theme of the GUI is Blueberry. You can choose another color or an image.
- Password policy
Enforce password policies for administrators.
- Display options
on GUI
Display or hide advanced configuration options in the GUI. Only the admin administrator can configure these options.
Only super user administrators can access and configure the administration settings. The settings are global and apply to all administrators of the FortiManager unit. |
To configure the administration settings:
- Go to System Settings > Settings.
- Configure the following settings as needed, then click Apply to save your changes to all administrator accounts:
Administration Settings
HTTP Port
Enter the TCP port to be used for administrative HTTP access. Default: 80.
Select Redirect to HTTPS to redirect HTTP traffic to HTTPS.
HTTPS Port
Enter the TCP port to be used for administrative HTTPS access. Default: 443.
HTTPS & Web Service Server Certificate
Select a certificate from the dropdown list.
Idle Timeout
Enter the number of seconds an administrative connection can be idle before the administrator must log in again, from 60 to 28800 (eight hours). See Idle timeout for more information.
Idle Timeout (API)
Enter the number of seconds an administrative connection to the API can be idle before the administrator must log in again, from 1 to 28800 (eight hours). Default: 900.
Idle Timeout (GUI)
Enter the number of seconds an administrative connection to the GUI can be idle before the administrator must log in again, from 60 to 28800 (eight hours). Default: 900.
Access Remote GUI via Port
Enter the port used to remotely connect to managed FortiGate devices. The default port used is 8082.
View Settings
Language
Select a language from the dropdown list. See GUI language for more information.
High Contrast Theme
Toggle ON to enable a high contrast dark theme in order to make the FortiManager GUI more accessible, and to aid people with visual disability in using the FortiManager GUI.
Other Themes
Select a theme for the GUI. The selected theme is not applied until you click Apply, allowing to you to sample different themes. Default: Jade.
Password Policy
Click to enable administrator password policies. See Password policy and Password lockout and retry attempts for more information.
Minimum Length
Select the minimum length for a password, from 8 to 32 characters. Default: 8.
Must Contain
Select the types of characters a password must contain.
Admin Password Expires after
Select the number of days a password is valid for, after which it must be changed.
Display Options on GUI
Click to expand the display options.
Show Script
Display the Script menu item.
This menu is located on the Device Manager pane. This is an advanced FortiManager feature.
Show Add Multiple Button
Display the Add Multiple Devices option.
This option is located on the Device Manager > Devices & Groups pane, under the More option in the toolbar. This is an advanced FortiManager feature.
Show Device List Import/Export
Select to display the Import Device List and Export Device List buttons. This option is located on the Device Manager > Devices & Groups pane, under the More option in the toolbar. This is an advanced FortiManager feature.
Fabric Authorization
Specifies the accessible management IP of FortiManager for FortiOS to retrieve and use for authorization of a Security Fabric connection to FortiManager.
When you are using FortiOS to create a Security Fabric connection to FortiManager, a browser pop window is displayed and connects to FortiManager as part of the authorization process. FortiOS retrieves the information specified in FortiManager and provides it to the browser popup window to successfully connect to FortiManager.
Without this information, the browser popup window cannot connect to FortiManager in certain topologies, such as when NAT is used.
See also Security Fabric authorization information for FortiOS.
Authorization Address
Type the accessible management IP for FortiManager.
Authorization Port
If a non-default port is used for the management port of FortiManager, specify the custom port.