Fortinet black logo

Administration Guide

Home FortiPortal 5.3.4 Administration Guide
5.3.4
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.0.14
6.0.13
6.0.12
6.0.11
6.0.10
6.0.9
6.0.8
6.0.7
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.3.8
5.3.7
5.3.6
5.3.5
5.3.4
5.3.3
5.3.2
5.3.0
5.2.0
4.1.0
4.0.3
4.0.2
4.0.1
4.0.0

Admin settings

Admin settings

Go to Admin > Settings to change the general administrative settings for FortiPortal. The following figure shows the settings page (with authentication set to local):

The following table describes the settings:

Settings

Guidelines

Administrative Settings

FPC Data Store Size

Required. Amount of database storage (in GB) to reserve for the portal DB

Session Timeout

Required. Timeout for user sessions on the Administrative or Customer web interfaces. The default is 30 minutes. The range is 15-3240 minutes.

Trusted Hosts

Select Enable or Disable. When enabled, you can create a whitelist of originating IP subnetworks; only log-in requests from these subnetworks will be allowed. The system also provides a blacklist, for blocking rogue log-in attempts.

Email Settings

SMTP Server

Required. URL of the SMTP serve from which FortiPortal sends emails

Email From

Required. Email address. Emails sent from FortiPortal will originate from this address.

Port

Required. Email server port. The default value is 25.

Authentication

Enable or disable authentication. If you enable authentication, enter a user name and password. You can use special characters in the user name.

User Authentication

Authentication Access

Select Local or Remote.

If the authentication access is local, the administrator and customer user log-in credentials are checked in the local user databases. With the local option, you must add an SP user entry for each administrative user, and a customer user for each end-customer user.

If the authentication access is remote, the administrator and customer user log-in credentials are checked in the remote RADIUS server or FortiAuthenticator user database. Local customer users cannot be used when remote authentication is selected. See Remote authentication using FortiAuthenticator, RADIUS server configuration , and Remote authentication-SSO .
If you select RADIUS or SSO as the remote server, the system displays the View Roles icon () beside the Remote Server drop-down list. Select this icon to map the RADIUS (RADIUS Roles) or SSO (SSO Roles) roles with the local roles.

When you change the authentication configuration from local to remote or from remote to local, you must restart FortiPortal.

Other

Store Aggregation Data for

Length of time (in days) that the system will save the aggregation data. Values include: 30, 60, 90, or 180 days. The default is 30 days. Displayed in Collector mode only.

Store Report Data for

Length of time (in days) that the system will save report data. Values include: 30, 60, 90, 180, or 365 days. The default is 180 days. Displayed in Collector mode only.

Load Balancer Domain/IP Address

Load balancer IP address or domain name, if you have configured multiple instances of the Apache Tomcat server.

Load Balancer Port

Load balancer port number (required if you specified a load balancer IP address, not required for a domain name). The default value is 443.

Max Reports Allowed

Maximum number of reports that can be defined for this customer. This number includes customer-defined reports and also any reports that the administrator has defined for this customer.

Alert Email From

Alert emails will be sent from this email address.

Alert Email To

Alert emails will be sent to this email address.

Language

Desired language (default, English)
If you change the language, save the settings and log out. The change takes effect upon subsequent logins.

Time Zone

Select the appropriate time zone to use.

TLS/SSL Versions

Select which TLS/SSL versions are used.

Analytics Data Source

Select FortiAnalyzer or Collector.

Use https://mysqlbackupftp.com to back up the portal and collector database before switching from Collector mode to FortiAnalyzer mode. After you switch modes, the collector database is deleted.

If you select Collector, FortiPortal operates in Collector mode and uses collectors to collect logs from FortiAnalyzer.

If you select FortiAnalyzer, FortiPortal operates in FortiAnalyzer mode and collects logs directly from FortiAnalyzer. To use FortiAnalyzer mode, you must be running FortiAnalyzer 6.0 or later.

Remote Log Server

Primary Server

Primary log server IP address

Primary Port

Primary log server port number (mandatory if the server address is supplied)

Secondary Server

Secondary log server IP address

Secondary Port

Secondary log server port number (mandatory if server address supplied)
Previous
Next

Admin settings

Go to Admin > Settings to change the general administrative settings for FortiPortal. The following figure shows the settings page (with authentication set to local):

The following table describes the settings:

Settings

Guidelines

Administrative Settings

FPC Data Store Size

Required. Amount of database storage (in GB) to reserve for the portal DB

Session Timeout

Required. Timeout for user sessions on the Administrative or Customer web interfaces. The default is 30 minutes. The range is 15-3240 minutes.

Trusted Hosts

Select Enable or Disable. When enabled, you can create a whitelist of originating IP subnetworks; only log-in requests from these subnetworks will be allowed. The system also provides a blacklist, for blocking rogue log-in attempts.

Email Settings

SMTP Server

Required. URL of the SMTP serve from which FortiPortal sends emails

Email From

Required. Email address. Emails sent from FortiPortal will originate from this address.

Port

Required. Email server port. The default value is 25.

Authentication

Enable or disable authentication. If you enable authentication, enter a user name and password. You can use special characters in the user name.

User Authentication

Authentication Access

Select Local or Remote.

If the authentication access is local, the administrator and customer user log-in credentials are checked in the local user databases. With the local option, you must add an SP user entry for each administrative user, and a customer user for each end-customer user.

If the authentication access is remote, the administrator and customer user log-in credentials are checked in the remote RADIUS server or FortiAuthenticator user database. Local customer users cannot be used when remote authentication is selected. See Remote authentication using FortiAuthenticator, RADIUS server configuration , and Remote authentication-SSO .
If you select RADIUS or SSO as the remote server, the system displays the View Roles icon () beside the Remote Server drop-down list. Select this icon to map the RADIUS (RADIUS Roles) or SSO (SSO Roles) roles with the local roles.

When you change the authentication configuration from local to remote or from remote to local, you must restart FortiPortal.

Other

Store Aggregation Data for

Length of time (in days) that the system will save the aggregation data. Values include: 30, 60, 90, or 180 days. The default is 30 days. Displayed in Collector mode only.

Store Report Data for

Length of time (in days) that the system will save report data. Values include: 30, 60, 90, 180, or 365 days. The default is 180 days. Displayed in Collector mode only.

Load Balancer Domain/IP Address

Load balancer IP address or domain name, if you have configured multiple instances of the Apache Tomcat server.

Load Balancer Port

Load balancer port number (required if you specified a load balancer IP address, not required for a domain name). The default value is 443.

Max Reports Allowed

Maximum number of reports that can be defined for this customer. This number includes customer-defined reports and also any reports that the administrator has defined for this customer.

Alert Email From

Alert emails will be sent from this email address.

Alert Email To

Alert emails will be sent to this email address.

Language

Desired language (default, English)
If you change the language, save the settings and log out. The change takes effect upon subsequent logins.

Time Zone

Select the appropriate time zone to use.

TLS/SSL Versions

Select which TLS/SSL versions are used.

Analytics Data Source

Select FortiAnalyzer or Collector.

Use https://mysqlbackupftp.com to back up the portal and collector database before switching from Collector mode to FortiAnalyzer mode. After you switch modes, the collector database is deleted.

If you select Collector, FortiPortal operates in Collector mode and uses collectors to collect logs from FortiAnalyzer.

If you select FortiAnalyzer, FortiPortal operates in FortiAnalyzer mode and collects logs directly from FortiAnalyzer. To use FortiAnalyzer mode, you must be running FortiAnalyzer 6.0 or later.

Remote Log Server

Primary Server

Primary log server IP address

Primary Port

Primary log server port number (mandatory if the server address is supplied)

Secondary Server

Secondary log server IP address

Secondary Port

Secondary log server port number (mandatory if server address supplied)
Previous
Next