To connect to the FortiAuthenticator-VM instance, you require the instance's elastic IP address, the key pair, and an SSH client.
After launching the FortiAuthenticator-VM instance from the AWS Marketplace or EC2 Management Console, navigate to the EC2 Management Console and view the list of instances to confirm that the instance is provisioned and powered up. Take note of the instance's public IP address.
- Using SSH, initiate a connection to the FortiAuthenticator-VM with the following command:
ssh -i "<keypair_file_location>" admin@<public_IPv4_Address>
Use the following command to set the permissions of your private key file when using an SSH client on a macOS or Linux computer to connect to your Linux instance:
chmod 400 my-key-pair.pem
This ensures that only you can read the private key file.
If the private key permissions are not set, you cannot connect to your Linux instance using the key pair you have set up. For more information, see Error: Unprotected private key file.
For additional information on connecting to your instance from a Linux environment, see Connecting to Your Linux Instance Using SSH.
This section details how to connect to the FortiAuthenticator-VM using PuTTY, a free SSH client. You can download and install PuTTY from the PuTTY download page. PuTTY does not support the private key format (
.pem) provided by AWS. Before you can connect to the FortiAuthenticator instance, you must convert your private key to (
.ppk) format required by PuTTY. For more information, see Convert Your Private Key Using PuTTYgen.
- Open PuTTY.
- In the Category pane, expand Connection, expand SSH, and then click Auth.
- Click Browse , select the
.ppkfile for your key pair, and then click Open.
- In the Category pane, click Session.
- For Host Name (or IP address), type
- Ensure Port is set to 22.
- Click Open.
- PuTTY displays a security alert that asks whether you trust the host you are connecting to. Click Yes.
The PuTTY SSH terminal window opens.
For additional information on connecting to your FortiAuthenticator-VM instance from a Windows environment, see Connecting to Your Linux Instance from Windows Using PuTTY.
Fortinet recommends changing the default admin password after successfully connecting to the FortiAuthenticator-VM. To change the admin password, execute the following command in the open SSH session:
execute restore-admin <new_password>
To enable access to the FortiAuthenticator UI, execute the following commands in the open SSH session:
config system global
set allowed-hosts <public_IPv4_Address>
- In a web browser, navigate to https://<public_IPv4_Address>.
- When you connect, your web browser might display a security warning related to the certificate not being trusted. This warning is normal and is due to the certificate being self-signed, rather than being signed by a valid certificate authority. Verify and accept the certificate, either permanently or temporarily, and proceed to https://<public_IPv4_Address>.
- On the Login page, for Username, enter admin. For Password, enter the administrator password selected when you first connected to the FortiAuthenticator-VM.
- Click Login.