Fortinet black logo

Connecting to FortiAuthenticator

Copy Link
Copy Doc ID f8bf421f-ebb2-11ea-96b9-00505692583a:19184
Download PDF

Connecting to FortiAuthenticator

To connect to the FortiAuthenticator-VM instance, you require the instance's elastic IP address, the key pair, and an SSH client.

Reviewing the FortiAuthenticator instance state

After launching the FortiAuthenticator-VM instance from the AWS Marketplace or EC2 Management Console, navigate to the EC2 Management Console and view the list of instances to confirm that the instance is provisioned and powered up. Take note of the instance's public IP address.

Connecting to FortiAuthenticator using SSH and key pair from a Linux environment

  1. Using SSH, initiate a connection to the FortiAuthenticator-VM with the following command:
    ssh -i "<keypair_file_location>" admin@<public_IPv4_Address>

    Use the following command to set the permissions of your private key file when using an SSH client on a macOS or Linux computer to connect to your Linux instance:

    chmod 400 my-key-pair.pem

    This ensures that only you can read the private key file.

    If the private key permissions are not set, you cannot connect to your Linux instance using the key pair you have set up. For more information, see Error: Unprotected private key file.

For additional information on connecting to your instance from a Linux environment, see Connecting to Your Linux Instance Using SSH.

Connecting to FortiAuthenticator using SSH and key pair from a Windows environment

This section details how to connect to the FortiAuthenticator-VM using PuTTY, a free SSH client. You can download and install PuTTY from the PuTTY download page. PuTTY does not support the private key format (.pem) provided by AWS. Before you can connect to the FortiAuthenticator instance, you must convert your private key to (.ppk) format required by PuTTY. For more information, see Convert Your Private Key Using PuTTYgen.

  1. Open PuTTY.
  2. In the Category pane, expand Connection, expand SSH, and then click Auth.
  3. Click Browse , select the .ppk file for your key pair, and then click Open.
  4. In the Category pane, click Session.
  5. For Host Name (or IP address), type admin@<public_IPv4_Address>.
  6. Ensure Port is set to 22.

  7. Click Open.
  8. PuTTY displays a security alert that asks whether you trust the host you are connecting to. Click Yes.
    The PuTTY SSH terminal window opens.

For additional information on connecting to your FortiAuthenticator-VM instance from a Windows environment, see Connecting to Your Linux Instance from Windows Using PuTTY.

Change the FortiAuthenticator administrator password

Fortinet recommends changing the default admin password after successfully connecting to the FortiAuthenticator-VM. To change the admin password, execute the following command in the open SSH session:

execute restore-admin <new_password>

Configure FortiAuthenticator to allow UI access

To enable access to the FortiAuthenticator UI, execute the following commands in the open SSH session:

config system global

set allowed-hosts <public_IPv4_Address>

end

Connect to FortiAuthenticator UI

  1. In a web browser, navigate to https://<public_IPv4_Address>.
  2. When you connect, your web browser might display a security warning related to the certificate not being trusted. This warning is normal and is due to the certificate being self-signed, rather than being signed by a valid certificate authority. Verify and accept the certificate, either permanently or temporarily, and proceed to https://<public_IPv4_Address>.
  3. On the Login page, for Username, enter admin. For Password, enter the administrator password selected when you first connected to the FortiAuthenticator-VM.
  4. Click Login.

Related Videos

sidebar video

Deploying FortiAuthenticator in AWS

  • 2,028 views
  • 5 years ago

Connecting to FortiAuthenticator

To connect to the FortiAuthenticator-VM instance, you require the instance's elastic IP address, the key pair, and an SSH client.

Reviewing the FortiAuthenticator instance state

After launching the FortiAuthenticator-VM instance from the AWS Marketplace or EC2 Management Console, navigate to the EC2 Management Console and view the list of instances to confirm that the instance is provisioned and powered up. Take note of the instance's public IP address.

Connecting to FortiAuthenticator using SSH and key pair from a Linux environment

  1. Using SSH, initiate a connection to the FortiAuthenticator-VM with the following command:
    ssh -i "<keypair_file_location>" admin@<public_IPv4_Address>

    Use the following command to set the permissions of your private key file when using an SSH client on a macOS or Linux computer to connect to your Linux instance:

    chmod 400 my-key-pair.pem

    This ensures that only you can read the private key file.

    If the private key permissions are not set, you cannot connect to your Linux instance using the key pair you have set up. For more information, see Error: Unprotected private key file.

For additional information on connecting to your instance from a Linux environment, see Connecting to Your Linux Instance Using SSH.

Connecting to FortiAuthenticator using SSH and key pair from a Windows environment

This section details how to connect to the FortiAuthenticator-VM using PuTTY, a free SSH client. You can download and install PuTTY from the PuTTY download page. PuTTY does not support the private key format (.pem) provided by AWS. Before you can connect to the FortiAuthenticator instance, you must convert your private key to (.ppk) format required by PuTTY. For more information, see Convert Your Private Key Using PuTTYgen.

  1. Open PuTTY.
  2. In the Category pane, expand Connection, expand SSH, and then click Auth.
  3. Click Browse , select the .ppk file for your key pair, and then click Open.
  4. In the Category pane, click Session.
  5. For Host Name (or IP address), type admin@<public_IPv4_Address>.
  6. Ensure Port is set to 22.

  7. Click Open.
  8. PuTTY displays a security alert that asks whether you trust the host you are connecting to. Click Yes.
    The PuTTY SSH terminal window opens.

For additional information on connecting to your FortiAuthenticator-VM instance from a Windows environment, see Connecting to Your Linux Instance from Windows Using PuTTY.

Change the FortiAuthenticator administrator password

Fortinet recommends changing the default admin password after successfully connecting to the FortiAuthenticator-VM. To change the admin password, execute the following command in the open SSH session:

execute restore-admin <new_password>

Configure FortiAuthenticator to allow UI access

To enable access to the FortiAuthenticator UI, execute the following commands in the open SSH session:

config system global

set allowed-hosts <public_IPv4_Address>

end

Connect to FortiAuthenticator UI

  1. In a web browser, navigate to https://<public_IPv4_Address>.
  2. When you connect, your web browser might display a security warning related to the certificate not being trusted. This warning is normal and is due to the certificate being self-signed, rather than being signed by a valid certificate authority. Verify and accept the certificate, either permanently or temporarily, and proceed to https://<public_IPv4_Address>.
  3. On the Login page, for Username, enter admin. For Password, enter the administrator password selected when you first connected to the FortiAuthenticator-VM.
  4. Click Login.