Fortinet white logo
Fortinet white logo

Administration Guide

Configuring FortiWeb

Configuring FortiWeb

A FortiWeb can be configured to join a Security Fabric through the root or downstream FortiGate. There are two methods to add a FortiWeb to the Security Fabric:

  • Trigger the authorization on the FortiWeb side and authorize from the FortiOS side.
  • Pre-authorize the FortiWeb from the FortiOS side.

Once the FortiWeb joins the Fabric, the following features are available:

  • View the FortiWeb on topology pages.

  • Create a dashboard Fabric Device widget to view FortiWeb data.

  • Configure single sign-on using SAML.

Triggering the authorization in FortiWeb

In this example, a FortiWeb triggers the authorization process, and then the device is approved in FortiOS. This is example assumes the Security Fabric has already been configured.

To trigger the Security Fabric authorization in FortiWeb:
  1. Edit the FortiGate Fabric Connector settings in FortiWeb (see Fabric Connector: Single Sign On with FortiGate). The Connection Status is currently Authorize pending.
  2. In FortiOS, go to Security Fabric > Fabric Connectors.
  3. In the topology tree, hover over the FortiWeb and click Authorize.
  4. Verify that the certificate is correct, then click Accept.
  5. In FortiWeb, verify that the FortiGate Connection Status is now Authorized.

Pre-authorizing the FortiWeb in FortiOS

In this example, a FortiWeb is pre-authorized on the root FortiGate using certificate authorization. This is example assumes the Security Fabric has already been configured.

To authorize a FortiWeb to join the Security Fabric in FortiOS:
  1. Go to Security Fabric > Fabric Connectors and double-click the Security Fabric Setup card.
  2. Beside Device authorization, click Edit. The Device authorization pane opens.
  3. Add the FortiWeb:
    1. Click Create New and enter a device name.
    2. For Authorization type, select Certificate.
    3. Click Browse to upload the certificate.
    4. For Action, select Accept.
    5. Click OK. The FortiWeb appears in the table.

  4. Go to Security Fabric > Physical Topology or Security Fabric > Logical Topology to view more information.

    Physical topology view:

    Logical topology view:

Configuring FortiWeb

Configuring FortiWeb

A FortiWeb can be configured to join a Security Fabric through the root or downstream FortiGate. There are two methods to add a FortiWeb to the Security Fabric:

  • Trigger the authorization on the FortiWeb side and authorize from the FortiOS side.
  • Pre-authorize the FortiWeb from the FortiOS side.

Once the FortiWeb joins the Fabric, the following features are available:

  • View the FortiWeb on topology pages.

  • Create a dashboard Fabric Device widget to view FortiWeb data.

  • Configure single sign-on using SAML.

Triggering the authorization in FortiWeb

In this example, a FortiWeb triggers the authorization process, and then the device is approved in FortiOS. This is example assumes the Security Fabric has already been configured.

To trigger the Security Fabric authorization in FortiWeb:
  1. Edit the FortiGate Fabric Connector settings in FortiWeb (see Fabric Connector: Single Sign On with FortiGate). The Connection Status is currently Authorize pending.
  2. In FortiOS, go to Security Fabric > Fabric Connectors.
  3. In the topology tree, hover over the FortiWeb and click Authorize.
  4. Verify that the certificate is correct, then click Accept.
  5. In FortiWeb, verify that the FortiGate Connection Status is now Authorized.

Pre-authorizing the FortiWeb in FortiOS

In this example, a FortiWeb is pre-authorized on the root FortiGate using certificate authorization. This is example assumes the Security Fabric has already been configured.

To authorize a FortiWeb to join the Security Fabric in FortiOS:
  1. Go to Security Fabric > Fabric Connectors and double-click the Security Fabric Setup card.
  2. Beside Device authorization, click Edit. The Device authorization pane opens.
  3. Add the FortiWeb:
    1. Click Create New and enter a device name.
    2. For Authorization type, select Certificate.
    3. Click Browse to upload the certificate.
    4. For Action, select Accept.
    5. Click OK. The FortiWeb appears in the table.

  4. Go to Security Fabric > Physical Topology or Security Fabric > Logical Topology to view more information.

    Physical topology view:

    Logical topology view: