Fortinet black logo

Cookbook

6.2.2
6.2.16
6.2.15
6.2.14
6.2.13
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.4
6.2.3
6.2.2
6.2.0
6.0.0
5.6.0
5.4.0

Interface settings

Interface settings

Administrators can configure both physical and virtual FortiGate interfaces in Network > Interfaces. There are different options for configuring interfaces when FortiGate is in NAT mode or transparent mode.

To configure an interface in the GUI:
  1. Go to Network > Interfaces.
  2. Click Create New > Interface.
  3. Configure the interface fields.
To configure an interface in the CLI:
config system interface
   edit "<Interface_Name>"
      set vdom "<VDOM_Name>"
      set mode static/dhcp/pppoe
      set ip <IP_address> <netmask>
      set allowaccess ping https ssh http
      set secondary-IP enable
      config secondaryip
         edit 1
            set ip 9.1.1.2 255.255.255.0
            set allowaccess ping https ssh snmp http
         next
      end
   next
end

Configure administrative access to interfaces

You can configure the protocols that administrators can use to access interfaces on the FortiGate. This helps secure access to the FortiGate by restricting access to a limited number of protocols. It helps prevent users from accessing interfaces that you don't want them to access, such as public-facing ports.

As a best practice, you should configure administrative access when you're setting the IP address for a port.

To configure administrative access to interfaces in the GUI:
  1. Go to Network > Interfaces.
  2. Create or edit an interface.
  3. In the Administrative Access section, select which protocols to enable for IPv4 and IPv6 Administrative Access.

    HTTPS

    Allow secure HTTPS connections to the FortiGate GUI through this interface. If configured, this option is enabled automatically.

    HTTP

    Allow HTTP connections to the FortiGate GUI through this interface. This option can only be enabled if HTTPS is already enabled.

    PING

    The interface responds to pings. Use this setting to verify your installation and for testing.

    FMG-Access

    Allow FortiManager authorization automatically during the communication exchanges between FortiManager and FortiGate devices.

    CAPWAP

    Allow the FortiGate wireless controller to manage a wireless access point such as a FortiAP device.

    SSH

    Allow SSH connections to the CLI through this interface.

    SNMP

    Allow a remote SNMP manager to request SNMP information by connecting to this interface.

    FTM

    FortiToken Mobile Push (FTM) access.

    RADIUS Accounting

    Allow RADIUS accounting information on this interface.

    FortiTelemetry

Previous
Next

Interface settings

Administrators can configure both physical and virtual FortiGate interfaces in Network > Interfaces. There are different options for configuring interfaces when FortiGate is in NAT mode or transparent mode.

To configure an interface in the GUI:
  1. Go to Network > Interfaces.
  2. Click Create New > Interface.
  3. Configure the interface fields.
To configure an interface in the CLI:
config system interface
   edit "<Interface_Name>"
      set vdom "<VDOM_Name>"
      set mode static/dhcp/pppoe
      set ip <IP_address> <netmask>
      set allowaccess ping https ssh http
      set secondary-IP enable
      config secondaryip
         edit 1
            set ip 9.1.1.2 255.255.255.0
            set allowaccess ping https ssh snmp http
         next
      end
   next
end

Configure administrative access to interfaces

You can configure the protocols that administrators can use to access interfaces on the FortiGate. This helps secure access to the FortiGate by restricting access to a limited number of protocols. It helps prevent users from accessing interfaces that you don't want them to access, such as public-facing ports.

As a best practice, you should configure administrative access when you're setting the IP address for a port.

To configure administrative access to interfaces in the GUI:
  1. Go to Network > Interfaces.
  2. Create or edit an interface.
  3. In the Administrative Access section, select which protocols to enable for IPv4 and IPv6 Administrative Access.

    HTTPS

    Allow secure HTTPS connections to the FortiGate GUI through this interface. If configured, this option is enabled automatically.

    HTTP

    Allow HTTP connections to the FortiGate GUI through this interface. This option can only be enabled if HTTPS is already enabled.

    PING

    The interface responds to pings. Use this setting to verify your installation and for testing.

    FMG-Access

    Allow FortiManager authorization automatically during the communication exchanges between FortiManager and FortiGate devices.

    CAPWAP

    Allow the FortiGate wireless controller to manage a wireless access point such as a FortiAP device.

    SSH

    Allow SSH connections to the CLI through this interface.

    SNMP

    Allow a remote SNMP manager to request SNMP information by connecting to this interface.

    FTM

    FortiToken Mobile Push (FTM) access.

    RADIUS Accounting

    Allow RADIUS accounting information on this interface.

    FortiTelemetry

Previous
Next