Fortinet black logo

Connecting to FortiAuthenticator

Copy Link
Copy Doc ID 46e69a21-dc80-11e8-b86b-00505692583a:19184

Connecting to FortiAuthenticator

To connect to the FortiAuthenticator VM instance, you require the instance's elastic IP address, the key pair, and an SSH client.

Reviewing the FortiAuthenticator instance state

After launching the FortiAuthenticator VM instance from the AWS Marketplace or EC2 Management console, navigate to the EC2 dashboard to confirm that the instance is provisioned and powered up. Take note of the instance's public IP address.

Connecting to FortiAuthenticator using SSH and key pair from a Linux environment

  1. Using SSH, initiate a connection to the FortiAuthenticator VM with the following command:
    ssh -i "<keypair_file_location>" admin@<public_IP>

For additional information on connecting to your instance from a Linux environment, see Connecting to Your Linux Instance Using SSH.

Connecting to FortiAuthenticator using SSH and key pair from a Windows environment

This section details how to connect to the FortiAuthenticator VM using PuTTY, a free SSH client. You can download and install PuTTY from the PuTTY download page. PuTTY does not support the private key format (.pem) provided by AWS. Before you can connect to the FortiAuthenticator instance, you must convert your private key to (.ppk) format required by PuTTY. For information, see Converting Your Private Key Using PuTTYgen.

  1. Open PuTTY.
  2. In the Category pane, expand Connection, expand SSH, and then click Auth.
  3. Click Browse , select the .ppk file for your key pair, and then click Open.
  4. In the Category pane, click Session.
  5. For Host Name (or IP address), type admin@<ip_address>.
  6. Ensure Port is set to 22.

  7. Click Open.
  8. PuTTY displays a security alert that asks whether you trust the host you are connecting to. Click Yes.
    The PuTTY SSH terminal window opens.

For additional information on connecting to your FortiAuthenticator VM instance from a Windows environment, see Connecting to Your Linux Instance From Windows Using PuTTY.

Change the FortiAuthenticator administrator password

Fortinet recommends changing the default admin password after successfully connecting to the FortiAuthenticator VM. To change the admin password, execute the following command in the open SSH session:

  • Type execute restore-admin <new password>, and press Enter.

Configure FortiAuthenticator to allow access the Web GUI

To enable access to the FortiAuthenticator Web GUI, execute the following commands in the open SSH session:

  1. Type config system global, and press Enter.
  2. Type set allowed-hosts <public_IP>, and then press Enter.
  3. Type end, and press Enter.

Connect to FortiAuthenticator Web GUI

  1. In a web browser, navigate to https://<public_IP>.
  2. When you connect, your web browser might display a security warning related to the certificate not being trusted. This warning is normal and is due to the certificate being self-signed, rather than being signed by a valid certificate authority. Verify and accept the certificate, either permanently or temporarily, and proceed to https://<public_IP>.
  3. On the Login page, for Username, enter admin. For Password, enter the administrator password selected when you first connected to the FortiAuthenticator VM.
  4. Click Login.

Related Videos

sidebar video

Deploying FortiAuthenticator in AWS

  • 2,028 views
  • 5 years ago

Connecting to FortiAuthenticator

To connect to the FortiAuthenticator VM instance, you require the instance's elastic IP address, the key pair, and an SSH client.

Reviewing the FortiAuthenticator instance state

After launching the FortiAuthenticator VM instance from the AWS Marketplace or EC2 Management console, navigate to the EC2 dashboard to confirm that the instance is provisioned and powered up. Take note of the instance's public IP address.

Connecting to FortiAuthenticator using SSH and key pair from a Linux environment

  1. Using SSH, initiate a connection to the FortiAuthenticator VM with the following command:
    ssh -i "<keypair_file_location>" admin@<public_IP>

For additional information on connecting to your instance from a Linux environment, see Connecting to Your Linux Instance Using SSH.

Connecting to FortiAuthenticator using SSH and key pair from a Windows environment

This section details how to connect to the FortiAuthenticator VM using PuTTY, a free SSH client. You can download and install PuTTY from the PuTTY download page. PuTTY does not support the private key format (.pem) provided by AWS. Before you can connect to the FortiAuthenticator instance, you must convert your private key to (.ppk) format required by PuTTY. For information, see Converting Your Private Key Using PuTTYgen.

  1. Open PuTTY.
  2. In the Category pane, expand Connection, expand SSH, and then click Auth.
  3. Click Browse , select the .ppk file for your key pair, and then click Open.
  4. In the Category pane, click Session.
  5. For Host Name (or IP address), type admin@<ip_address>.
  6. Ensure Port is set to 22.

  7. Click Open.
  8. PuTTY displays a security alert that asks whether you trust the host you are connecting to. Click Yes.
    The PuTTY SSH terminal window opens.

For additional information on connecting to your FortiAuthenticator VM instance from a Windows environment, see Connecting to Your Linux Instance From Windows Using PuTTY.

Change the FortiAuthenticator administrator password

Fortinet recommends changing the default admin password after successfully connecting to the FortiAuthenticator VM. To change the admin password, execute the following command in the open SSH session:

  • Type execute restore-admin <new password>, and press Enter.

Configure FortiAuthenticator to allow access the Web GUI

To enable access to the FortiAuthenticator Web GUI, execute the following commands in the open SSH session:

  1. Type config system global, and press Enter.
  2. Type set allowed-hosts <public_IP>, and then press Enter.
  3. Type end, and press Enter.

Connect to FortiAuthenticator Web GUI

  1. In a web browser, navigate to https://<public_IP>.
  2. When you connect, your web browser might display a security warning related to the certificate not being trusted. This warning is normal and is due to the certificate being self-signed, rather than being signed by a valid certificate authority. Verify and accept the certificate, either permanently or temporarily, and proceed to https://<public_IP>.
  3. On the Login page, for Username, enter admin. For Password, enter the administrator password selected when you first connected to the FortiAuthenticator VM.
  4. Click Login.