Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiAuthenticator 6.5.6 Administration Guide
    6.5.6
    6.6.2
    6.6.1
    6.6.0
    6.5.6
    6.5.5
    6.5.4
    6.5.3
    6.5.2
    6.5.1
    6.5.0
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.3.4
    6.3.3
    6.3.2
    6.3.1
    6.3.0
    6.2.2
    6.2.1
    6.2.0
    6.1.3
    6.1.2
    6.1.1
    6.1.0
    6.0.8
    6.0.7
    6.0.6
    6.0.5
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    6.0.0
    5.5.0
    5.4.0
    5.3.0
    5.2.0
    5.1.0
    5.0.0
    4.3.0
    4.2.1
    4.2.0

    Interfaces

    Interfaces

    To view the interface list, go to System > Network > Interfaces.

    The following information is shown:

    Edit

    Select to edit the selected interface.

    Search

    Enter a search term in the search text box then select Search to search the interface list.

    Interface

    The names of the physical interfaces on your FortiAuthenticator unit. The name, including number, of a physical interface depends on the model.

    IPv4

    The IPv4 address of the interface.

    IPv6

    The IPv6 address of the interface, if applicable.

    Link status

    The link status of the interface.
    To edit an interface:
    1. In the interfaces list, select the interface you need to edit and select the Edit button, or select the interface name. The Edit Network Interface window opens.

    2. Edit the following settings as required.
      InterfaceThe interface name is displayed.

      Status

      The interface's current link status is displayed.

      IP Address / Netmask
      IPv4Enter the IPv4 address and netmask associated with this interface.
      IPv6Enter the IPv6 address associated with this interface.
      Access Rights
      Admin access

      Select the allowed administrative service protocols from: Telnet, SSH, HTTP, and SNMP.

      For HTTPS, you can also specify GUI (TCP/443), REST API (/api), and/or Fabric (/api/vi/fabric) access.

      Services

      Enable the services that you want FortiAuthenticator to act as a server for:

      HTTPS, HTTP, RADIUS Accounting Monitor, RADIUS Auth, RADUS Accounting SSO, RADSEC, TACACS+ Auth, LDAP, LDAPS, FortiGate FSSO, OCSP, FortiClient FSSO, Hierarchical FSSO, DC/TS Agent FSSO, Syslog, Syslog over TLS (TCP/6514), and/or SAML IdP SSO.

      When HTTPS is enabled, you can also specify Legacy Self-service Portal (/login), Captive Portals (/guests, /portals), SAML IdP (/saml-idp), SAML SP SSO (/saml-sp, /login/saml-auth), Kerberos SSO (/login/kerb-auth), SCEP (/cert/scep), CRL Downloads (/cert/crl), FortiToken Mobile API (/api/v1/pushauthresp, /api/v1/transfertoken), and/or OAuth Service API (/api/v1/oauth) access.

      When HTTP is enabled, you can also specify SCEP (/app/cert/scep/), CRL Downloads (/app/cert/crl/), SAML IdP (/saml-idp/), and/or Kerberos SSO (/login/kerb-auth) access.

      Note that Syslog is only available if Syslog SSO has been enabled. See General settings for more information.

      A disabled service will not answer queries as it is not active. Enabling the service but leaving it unconfigured will make the service respond to queries, even with incorrect responses. This will use resources and may cause a potential attack.

    3. Select Save to apply the edits to the network interface.
    Previous
    Next

    Interfaces

    Interfaces

    To view the interface list, go to System > Network > Interfaces.

    The following information is shown:

    Edit

    Select to edit the selected interface.

    Search

    Enter a search term in the search text box then select Search to search the interface list.

    Interface

    The names of the physical interfaces on your FortiAuthenticator unit. The name, including number, of a physical interface depends on the model.

    IPv4

    The IPv4 address of the interface.

    IPv6

    The IPv6 address of the interface, if applicable.

    Link status

    The link status of the interface.
    To edit an interface:
    1. In the interfaces list, select the interface you need to edit and select the Edit button, or select the interface name. The Edit Network Interface window opens.

    2. Edit the following settings as required.
      InterfaceThe interface name is displayed.

      Status

      The interface's current link status is displayed.

      IP Address / Netmask
      IPv4Enter the IPv4 address and netmask associated with this interface.
      IPv6Enter the IPv6 address associated with this interface.
      Access Rights
      Admin access

      Select the allowed administrative service protocols from: Telnet, SSH, HTTP, and SNMP.

      For HTTPS, you can also specify GUI (TCP/443), REST API (/api), and/or Fabric (/api/vi/fabric) access.

      Services

      Enable the services that you want FortiAuthenticator to act as a server for:

      HTTPS, HTTP, RADIUS Accounting Monitor, RADIUS Auth, RADUS Accounting SSO, RADSEC, TACACS+ Auth, LDAP, LDAPS, FortiGate FSSO, OCSP, FortiClient FSSO, Hierarchical FSSO, DC/TS Agent FSSO, Syslog, Syslog over TLS (TCP/6514), and/or SAML IdP SSO.

      When HTTPS is enabled, you can also specify Legacy Self-service Portal (/login), Captive Portals (/guests, /portals), SAML IdP (/saml-idp), SAML SP SSO (/saml-sp, /login/saml-auth), Kerberos SSO (/login/kerb-auth), SCEP (/cert/scep), CRL Downloads (/cert/crl), FortiToken Mobile API (/api/v1/pushauthresp, /api/v1/transfertoken), and/or OAuth Service API (/api/v1/oauth) access.

      When HTTP is enabled, you can also specify SCEP (/app/cert/scep/), CRL Downloads (/app/cert/crl/), SAML IdP (/saml-idp/), and/or Kerberos SSO (/login/kerb-auth) access.

      Note that Syslog is only available if Syslog SSO has been enabled. See General settings for more information.

      A disabled service will not answer queries as it is not active. Enabling the service but leaving it unconfigured will make the service respond to queries, even with incorrect responses. This will use resources and may cause a potential attack.

    3. Select Save to apply the edits to the network interface.
    Previous
    Next