Connecting to the primary FortiGate-VM

To connect to the primary FortiGate-VM instance, you need a login URL, a username, and a password.

To connect to the primary FortiGate-VM:

1. Construct a login URL in this way: https://<IPAddress>:<Port>/, where:
   • Port refers to the Admin port specified in the section FortiGate configuration.
   • IPAddress refers to the Public IPv4 address of the FortiGate-VM and is listed on the Details tab for the instance. In the EC2 Management console, locate the primary instance as described in the section To verify the primary election:. Click the Instance ID for the primary instance.

   

   Make note of the InstanceID as you will need it to log in.
2. Open an HTTPS session in your browser and go to the login URL. Your browser displays a certificate error message. This is normal because the default FortiGate certificate is self-signed and browsers do not recognize it. Proceed past this error. At a later time, you can upload a publicly signed certificate to avoid this error.
3. Log in with the username admin and the Instance ID of the primary FortiGate-VM instance.

   As the primary FortiGate-VM propagates the password to all secondary FortiGate instances, this is the initial password for all FortiGate-VM instances. You need this initial password if failover occurs prior to changing the password, as the newly elected primary FortiGate-VM still has the previous primary's initial password.

4. FortiOS prompts to change the password at initial login. Doing so at this time is recommended.

   

   You should only change the password on the primary FortiGate-VM. The primary FortiGate-VM will propagate the password to all secondary FortiGate-VMs. Any password changed on a secondary FortiGate-VM will be overwritten.

5. You will now see the FortiGate-VM dashboard. The information displayed in the license widget of the dashboard depends on your license type.