Administration Guide

Connecting to the GUI or CLI

To configure and maintain the FortiMail unit, you can connect to it using either the:

Connecting to the FortiMail GUI for the first time

To use the GUI for the initial setup, you must have:

  • a computer with an Ethernet port
  • a supported web browser. For information about supported browser versions, see the release notes for your release.
  • a crossover Ethernet cable

Default settings for connecting to the GUI

  • Network Interface: port1
  • URL: https://192.168.1.99/admin
  • Administrator Account: admin
  • Password: (none)

To connect to the GUI

  1. Configure the management computer to be on the same subnet as the port1 interface of the FortiMail unit.

    For example, in Microsoft Windows 10, from the Windows Start menu, go to Settings > Network & Internet > Change adapter options > Local Area Connection Properties > Internet Protocol Version 4 (TCP/IPv4) Properties and change the management computer IP address to 192.168.1.2 and the netmask to 255.255.255.0.

  2. Using the Ethernet cable, connect your computer’s Ethernet port to the FortiMail unit’s port1.

  3. Start your web browser and enter the URL:

    https://192.168.1.99/admin

    (Remember to include the “s” in https://, and /admin at the end of the URL.)

    Note

    If you are connecting to FortiMail-VM with a trial license or to a LENC version of FortiMail, you may not be able to see the logon page due to an SSL/TLS cipher error during the connection. In this case, you must configure your web browser to accept low encryption.
    For example, in Mozilla Firefox, if you receive this error message:

    ssl_error_no_cypher_overlap

    then you may need to enter:

    about:config

    in the URL bar, and then set security.ssl3.rsa.rc4_40_md5 to true.

    To support HTTPS authentication, the FortiMail unit ships with a self-signed security certificate, which it presents to clients whenever they initiate an HTTPS connection to the FortiMail unit. When you connect, depending on your web browser and prior access of the FortiMail unit, your browser might display two security warnings related to this certificate:

    • The certificate is not automatically trusted because it is self-signed, rather than being signed by a valid certificate authority (CA). Self-signed certificates cannot be verified with a proper CA, and therefore might be fraudulent. You must manually indicate whether or not to trust the certificate.
    • The certificate might belong to another web site. The common name (CN) field in the certificate, which usually contains the host name of the web site, does not exactly match the URL you requested. This could indicate server identity theft, but could also simply indicate that the certificate contains a domain name while you have entered an IP address. You must manually indicate whether this mismatch is normal or not.

    Both warnings are normal for the default certificate.

  4. Verify and accept the certificate, either permanently (the web browser will not display the self-signing warning again) or temporarily. You cannot log in until you accept the certificate.

    For details on accepting the certificate, see the documentation for your web browser.

    The login dialog appears.

  5. In the Name field, type admin, then select Login (in its default state, there is no password for this account).

    Login credentials entered are encrypted before they are sent to the FortiMail unit. If your login is successful, the GUI appears.

Choosing a GUI view

The FortiMail administrative GUI has multiple views:

  • Simple View: Default view at first login. Displays only the most commonly used menu options.
  • Advanced View: Displays all the menu options.
  • Microsoft 365 & Google Workspace View: Available if you have the Microsoft 365 and Google Workspace API feature license.

To change to a different view, select it from the eye icon dropdown list in the upper-right corner. Your view setting is saved.

Connecting to the FortiMail CLI for the first time

For the initial configuration, you can access the CLI from your management computer either:

  • Locally: Connect your computer directly to the FortiMail unit’s console port.
  • Through the network: Connect your computer through any network attached to one of the FortiMail unit’s network ports. Telnet or SSH administrative access must be enabled on the network interface if you will connect using an SSH/Telnet client, or HTTP/HTTPS administrative access if you will connect using the CLI Console widget in the GUI.

Local access is required in some cases.

  • If you are installing your FortiMail unit for the first time and it is not yet configured to connect to your network, you may only be able to connect to the CLI using a local serial console connection, unless you reconfigure your computer’s network settings for a peer connection.
  • Restoring the firmware utilizes a boot interrupt. Network access to the CLI is not available until after the boot process has completed, and therefore local CLI access is the only viable option.

This section includes:

Local console connection and initial configuration

Local console connections to the CLI are formed by directly connecting your management computer or console to the FortiMail unit, using its DB-9 or RJ-45 console port.

Requirements

  • a computer with an available serial communications (COM) port
  • an RJ-45-to-DB-9 (null modem) console cable
  • terminal emulation software such as PuTTY

Note

The following procedure describes connection using PuTTY software; steps may vary with other terminal emulators.

To connect to the CLI using a local serial console connection

  1. Using the console cable, connect the FortiMail unit’s console port to the serial communications (COM) port on your management computer.

  2. On your management computer, start PuTTY.

  3. In the Category tree on the left, go to Connection > Serial and configure the following:

    • Serial line to connect to: COM1 (or, if your computer has multiple serial ports, the name of the connected serial port)
    • Speed (baud): 9600
    • Data bits: 8
    • Stop bits: 1
    • Parity: None
    • Flow control: None

  4. In the Category tree on the left, go to Session (not the sub-node, Logging) and from Connection type, select Serial.

  5. Click Open.

  6. Press the Enter key to initiate a connection.

    The login prompt appears.

  7. Type a valid administrator account name (such as admin) and press Enter.

  8. Type the password for that administrator account, then press Enter (in its default state, there is no password for the admin account).

    The CLI displays a command line prompt.

Initial system configuration with the CLI

Once you’ve connected to the FortiMail CLI, you can configure FortiMail system settings.

The following are only the CLI commands for basic system settings that are required to deploy the FortiMail unit to its intended location on your network. For information on other CLI commands, see the FortiMail CLI Reference.

To change an administrator password:

config system admin
  edit <administrator_name>
    set password <new-password_str>
end

To change the operation mode:

config system global
  set operation_mode {gateway | server | transparent}
end

To configure the IP address of a network interface, such as port1:

config system interface
  edit <interface_name>
    set ip <address_ipv4>
    set ipv6 <address_ipv6>
end

To configure the default route/gateway:

config system route
  edit <route_int>
    set destination <destination_ipv4mask>
    set gateway <router_ipv4>
    set interface <interface_name>
end

To configure the DNS servers:

config system dns
  set primary <dns_ipv4>
  set secondary <dns_ipv4>
end

To configure NTP time synchronization:

config system time ntp
  set ntpserver {<address_ipv4> | <host_fqdn>}
  set ntpsync {enable | disable}
  set syncinterval <interval_int>
end

To log out:

exit

Enabling access to the CLI through the network (SSH or Telnet)

SSH or Telnet access to the CLI requires connecting your computer to the FortiMail unit using one of its RJ‑45 network ports. You can either connect directly, using a peer connection between the two, or through any intermediary network.

Note

If you do not want to use an SSH/Telnet client and you have access to the GUI, you can alternatively access the CLI through the network using the CLI Console widget in the GUI. For details, see the FortiMail CLI Reference.

You must enable SSH and/or Telnet on the network interface associated with that physical network port. If your computer is not connected directly or through a switch, you must also configure the FortiMail unit with a static route to a router that can forward packets from the FortiMail unit to your computer.

Note

Telnet is not a secure access method. Use SSH to access the CLI from the Internet or any other untrusted network.

Requirements

  • a computer with an available serial communications (COM) port and RJ-45 port
  • terminal emulation software such as PuTTY
  • the console cable included in your FortiMail package
  • a crossover or straight-through network cable
  • prior configuration of the operating mode, network interface, and static route (see Initial system configuration with the CLI)

To enable SSH or Telnet access to the CLI using a local console connection

  1. Using the network cable, connect the FortiMail unit’s network port either directly to your computer’s network port, or to a network through which your computer can reach the FortiMail unit.
  2. Note the number of the physical network port on the FortiMail unit.
  3. Using a local console connection, connect and log into the CLI. For details, see Local console connection and initial configuration.
  4. Enter the following commands:

    config system interface
      edit <interface_name>
        set allowaccess {http https ping snmp ssh telnet}
    end

    where:

    • <interface_name> is the name of the network interface associated with the physical network port, such as port1
    • {http https ping snmp ssh telnet} is the complete, space-delimited list of permitted administrative access protocols, such as https ssh telnet; omit protocols that you do not want to permit

    For example, to exclude HTTP, SNMP, ICMP ECHO (ping), and Telnet, and allow only secure HTTPS and SSH administrative access on port1:

    config system interface
      edit "port1"
        set allowaccess https ssh
      next
    end

  5. To confirm the configuration, enter the command to view the access settings for the interface.

    show system interface <interface_name>

    The CLI displays the settings, including the management access settings, for the interface.

    To connect to the CLI through the network interface, see Connecting to the CLI using SSH or Connecting to the CLI using Telnet.
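Because set allowaccess takes the complete protocol list, a saved interface configuration can be audited for the cleartext protocols this section warns about. The following is an added example, not Fortinet code: the sample configuration, the function names and the classification of telnet and http as cleartext are assumptions of the example.

```python
"""Audit `set allowaccess` lists in a FortiMail-style interface configuration."""

# Values listed in this page's syntax line for `set allowaccess`.
KNOWN = {"http", "https", "ping", "snmp", "ssh", "telnet"}
# Cleartext administrative protocols (this example's classification).
CLEARTEXT = {"telnet", "http"}

# Constructed sample in the config/edit/set/next/end layout shown on this page.
# Interface names and addresses are made up for the example.
SAMPLE_CONFIG = '''\
config system interface
  edit "port1"
    set ip 192.168.1.99/24
    set allowaccess ping https ssh
  next
  edit "port2"
    set ip 10.0.0.5/24
    set allowaccess http https ping snmp ssh telnet
  next
  edit "port3"
    set ip 172.16.0.5/24
  next
end
'''


def parse_interfaces(text):
    """Return {interface: {setting: [values]}} from `config system interface`."""
    interfaces, current, depth = {}, None, 0
    for raw in text.splitlines():
        words = raw.split()
        if not words:
            continue
        if depth == 0:
            if words[:3] == ["config", "system", "interface"]:
                depth = 1
            continue
        if words[0] == "config":
            depth += 1  # nested table inside an edit entry; skip its contents
        elif words[0] == "end":
            depth -= 1
            if depth == 0:
                current = None
        elif depth == 1 and words[0] == "edit" and len(words) > 1:
            current = words[1].strip('"')
            interfaces[current] = {}
        elif depth == 1 and words[0] == "next":
            current = None
        elif depth == 1 and words[0] == "set" and current and len(words) > 1:
            interfaces[current][words[1]] = words[2:]
    return interfaces


def audit_allowaccess(text):
    """Return sorted (interface, severity, message) findings."""
    findings = []
    for name, settings in parse_interfaces(text).items():
        if "allowaccess" not in settings:
            findings.append((name, "info", "no allowaccess line in this text"))
            continue
        protocols = set(settings["allowaccess"])
        for proto in sorted(protocols & CLEARTEXT):
            findings.append((name, "high", f"cleartext admin protocol enabled: {proto}"))
        for proto in sorted(protocols - KNOWN):
            findings.append((name, "warn", f"unrecognized allowaccess value: {proto}"))
    return sorted(findings)


def remediation(text):
    """Build CLI lines that re-issue each list without the cleartext protocols."""
    lines = []
    for name, settings in parse_interfaces(text).items():
        protocols = settings.get("allowaccess", [])
        kept = [p for p in protocols if p not in CLEARTEXT]
        # An interface left with no protocols needs a manual decision; skip it.
        if kept and kept != protocols:
            lines += [f'edit "{name}"', "set allowaccess " + " ".join(kept), "next"]
    return ["config system interface", *lines, "end"] if lines else []


if __name__ == "__main__":
    for finding in audit_allowaccess(SAMPLE_CONFIG):
        print(*finding, sep=": ")
    print("\n".join(remediation(SAMPLE_CONFIG)))
```

Review the generated lines before entering them over a console session, so that a mistake cannot cut off the network path you are connected through.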

Connecting to the CLI using SSH

Once the FortiMail unit is configured to accept SSH connections, you can use an SSH client on your management computer to connect to the CLI.

Secure Shell (SSH) provides both secure authentication and secure communications to the CLI. Supported SSH protocol versions, ciphers, and bit strengths depend on whether you have enabled FIPS-CC mode and whether you have enabled strong cryptography, but generally include SSH version 2 with AES-128 and SHA-256 or better.

Requirements

To connect to the CLI using SSH

  1. On your management computer, start PuTTY.

  2. In Host Name (or IP Address), type the IP address of a network interface on which you have enabled SSH administrative access.

  3. In Port, type 22.

  4. From Connection type, select SSH.

  5. Click Open.

    The SSH client connects to the FortiMail unit.

    The SSH client may display a warning if this is the first time you are connecting to the FortiMail unit and its SSH key is not yet recognized by your SSH client, or if you have previously connected to the FortiMail unit but it used a different IP address or SSH key. If your management computer is directly connected to the FortiMail unit with no network hosts between them, this is normal.

  6. Click Yes to verify the fingerprint and accept the FortiMail unit’s SSH key. You will not be able to log in until you have accepted the key.

    The CLI displays a login prompt.

  7. Type a valid administrator account name (such as admin) and press Enter.

  8. Type the password for this administrator account and press Enter.

    Note

    If four incorrect login or password attempts occur in a row, you will be disconnected. Wait one minute, then reconnect to attempt the login again.

    The CLI displays a command line prompt (by default, its host name followed by a #). You can now enter CLI commands.
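Step 6 asks you to verify the fingerprint before accepting the key. The following added example (not Fortinet or PuTTY code) computes the OpenSSH-style SHA256 fingerprint of a presented host key line and compares it with a reference recorded over a trusted path; the key is constructed for the example, and how you obtain the reference is assumed to happen outside it.

```python
"""Compare a presented SSH host key against a reference SHA256 fingerprint."""
import base64
import hashlib
import hmac
import struct


def ssh_string(data):
    """Encode bytes as an SSH wire-format string (4-byte length, then data)."""
    return struct.pack(">I", len(data)) + data


# Constructed ed25519 key blob with fixed bytes; not a real device key.
CONSTRUCTED_BLOB = ssh_string(b"ssh-ed25519") + ssh_string(bytes(range(32)))
CONSTRUCTED_KEY_LINE = (
    "192.168.1.99 ssh-ed25519 " + base64.b64encode(CONSTRUCTED_BLOB).decode()
)


def sha256_fingerprint(key_line):
    """Return 'SHA256:<base64>' for a '[host] <type> <base64-blob>' line."""
    fields = key_line.split()
    for i, field in enumerate(fields[:-1]):
        if field.startswith(("ssh-", "ecdsa-")):
            key_type = field
            blob = base64.b64decode(fields[i + 1], validate=True)
            break
    else:
        raise ValueError("no key type and key blob found in line")
    # The blob starts with its own length-prefixed type name; it must agree
    # with the type declared in the text, otherwise the line was altered.
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (name_len,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + name_len] != key_type.encode():
        raise ValueError("declared key type does not match key blob")
    digest = hashlib.sha256(blob).digest()
    # OpenSSH prints the digest base64-encoded with the '=' padding removed.
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def host_key_matches(key_line, reference_fingerprint):
    """True only if the presented key hashes to the recorded reference."""
    presented = sha256_fingerprint(key_line)
    return hmac.compare_digest(
        presented.encode(), reference_fingerprint.strip().encode()
    )


if __name__ == "__main__":
    reference = sha256_fingerprint(CONSTRUCTED_KEY_LINE)  # stands in for the recorded value
    print(reference, host_key_matches(CONSTRUCTED_KEY_LINE, reference))
```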

Connecting to the CLI using Telnet

Once the FortiMail unit is configured to accept Telnet connections, you can use a Telnet client on your management computer to connect to the CLI.

Note

Telnet is not a secure access method. SSH should be used to access the CLI from the Internet or any other untrusted network.

Requirements

To connect to the CLI using Telnet

  1. On your management computer, start PuTTY.
  2. In Host Name (or IP Address), type the IP address of a network interface on which you have enabled Telnet administrative access.
  3. In Port, type 23.
  4. From Connection type, select Telnet.
  5. Click Open.

    The CLI displays a login prompt.

  6. Type a valid administrator account name (such as admin) and press Enter.

  7. Type the password for this administrator account and press Enter.

    Note

    If three incorrect login or password attempts occur in a row, you will be disconnected. Wait one minute, then reconnect to attempt the login again.

    The CLI displays a command line prompt (by default, its host name followed by a #). You can now enter CLI commands.

Logging out from the CLI console

Regardless of how you connect to the FortiMail CLI console (direct console connection, SSH, or Telnet), to log out, enter the exit command.

See also

Connecting to the FortiMail GUI for the first time

Using the front panel’s control buttons and LCD display

On some FortiMail models, you can use the front panel’s control buttons and LCD display to configure the:

  • IP addresses and netmasks for each of the network interfaces
  • default route/gateway
  • operating mode

You can also use the front panel to reset the FortiMail unit to the default settings for its firmware version.

After using the front panel to configure these basic settings, you must still connect to the GUI to complete additional setup. To continue, see Connecting to the FortiMail GUI for the first time.
