Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiPortal 6.0.1 Administration Guide
    6.0.1
    7.4.1
    7.4.0
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.0.15
    6.0.14
    6.0.13
    6.0.12
    6.0.11
    6.0.10
    6.0.9
    6.0.8
    6.0.7
    6.0.6
    6.0.5
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    6.0.0
    5.3.8
    5.3.7
    5.3.6
    5.3.5
    5.3.4
    5.3.3
    5.3.2
    5.3.0
    5.2.0
    4.1.0
    4.0.3
    4.0.2
    4.0.1
    4.0.0

    Admin settings

    Admin settings

    Go to Admin > Settings to change the general administrative settings for FortiPortal.

    The following figure shows the Settings tab (with authentication set to remote and RADIUS as the remote server):

    The following table describes the settings:

    Settings

    Guidelines

    Administration Settings

    FPC Data Store Size

    Required. Amount of database storage (in GB) to reserve for the portal DB

    Session Timeout

    Required. Timeout for user sessions on the Administrative or Customer web interfaces. The default is 30 minutes. The range is 15-3240 minutes.

    Trusted Hosts

    Select Enable or Disable. When enabled, you can create a allowlist of originating IP subnetworks; only log-in requests from these subnetworks will be allowed. The system also provides a blocklist, for blocking rogue log-in attempts.

    Email Settings

    SMTP Server

    Required. URL of the SMTP serve from which FortiPortal sends emails

    Email From

    Required. Email address. Emails sent from FortiPortal will originate from this address.

    Port

    Required. Email server port. The default value is 25.

    Authentication

    Enable or disable authentication. If you enable authentication, enter a user name and password. You can use special characters in the user name.

    Remote Log Server

    Primary Server

    Primary log server IP address

    Primary Port

    Primary log server port number (mandatory if the server address is supplied)

    Secondary Server

    Secondary log server IP address

    Secondary Port

    Secondary log server port number (mandatory if server address supplied)

    Other

    Load Balancer Domain/IP Address

    Load balancer IP address or domain name, if you have configured multiple instances of the Apache Tomcat server.

    Load Balancer Port

    Load balancer port number (required if you specified a load balancer IP address, not required for a domain name). The default value is 443.

    Max Reports Allowed

    Maximum number of reports that can be defined for this customer. This number includes customer-defined reports and also any reports that the administrator has defined for this customer.

    Alert Email From

    Alert emails will be sent from this email address.

    Alert Email To

    Alert emails will be sent to this email address.

    Language

    Desired language (default, English)
    If you change the language, save the settings and log out. The change takes effect upon subsequent logins.

    Time Zone

    Select the appropriate time zone to use.

    TLS/SSL Versions

    Select which TLS/SSL versions are used.

    User Authentication

    Authentication Access

    Select Local or Remote.

    If the authentication access is local, the administrator and customer user log-in credentials are checked in the local user databases. With the local option, you must add an SP user entry for each administrative user, and a customer user for each end-customer user.

    If the authentication access is remote, the administrator and customer user log-in credentials are checked in the remote RADIUS server or FortiAuthenticator user database. Local customer users cannot be used when remote authentication is selected. See Remote authentication using FortiAuthenticator, RADIUS server configuration , and Remote authentication - SSO .
    If you select RADIUS or SSO as the remote server, the system displays the View Roles button. Select this button to map the RADIUS (RADIUS Roles) or SSO (SSO Roles) roles with the local roles.

    If you select RADIUS as the remote server, the Authentication Protocol dropdown allows you to choose between CHAP or PAP authentication protocols.

    When you change the authentication configuration from local to remote or from remote to local, you must restart FortiPortal.
    Previous
    Next

    Admin settings

    Admin settings

    Go to Admin > Settings to change the general administrative settings for FortiPortal.

    The following figure shows the Settings tab (with authentication set to remote and RADIUS as the remote server):

    The following table describes the settings:

    Settings

    Guidelines

    Administration Settings

    FPC Data Store Size

    Required. Amount of database storage (in GB) to reserve for the portal DB

    Session Timeout

    Required. Timeout for user sessions on the Administrative or Customer web interfaces. The default is 30 minutes. The range is 15-3240 minutes.

    Trusted Hosts

    Select Enable or Disable. When enabled, you can create a allowlist of originating IP subnetworks; only log-in requests from these subnetworks will be allowed. The system also provides a blocklist, for blocking rogue log-in attempts.

    Email Settings

    SMTP Server

    Required. URL of the SMTP serve from which FortiPortal sends emails

    Email From

    Required. Email address. Emails sent from FortiPortal will originate from this address.

    Port

    Required. Email server port. The default value is 25.

    Authentication

    Enable or disable authentication. If you enable authentication, enter a user name and password. You can use special characters in the user name.

    Remote Log Server

    Primary Server

    Primary log server IP address

    Primary Port

    Primary log server port number (mandatory if the server address is supplied)

    Secondary Server

    Secondary log server IP address

    Secondary Port

    Secondary log server port number (mandatory if server address supplied)

    Other

    Load Balancer Domain/IP Address

    Load balancer IP address or domain name, if you have configured multiple instances of the Apache Tomcat server.

    Load Balancer Port

    Load balancer port number (required if you specified a load balancer IP address, not required for a domain name). The default value is 443.

    Max Reports Allowed

    Maximum number of reports that can be defined for this customer. This number includes customer-defined reports and also any reports that the administrator has defined for this customer.

    Alert Email From

    Alert emails will be sent from this email address.

    Alert Email To

    Alert emails will be sent to this email address.

    Language

    Desired language (default, English)
    If you change the language, save the settings and log out. The change takes effect upon subsequent logins.

    Time Zone

    Select the appropriate time zone to use.

    TLS/SSL Versions

    Select which TLS/SSL versions are used.

    User Authentication

    Authentication Access

    Select Local or Remote.

    If the authentication access is local, the administrator and customer user log-in credentials are checked in the local user databases. With the local option, you must add an SP user entry for each administrative user, and a customer user for each end-customer user.

    If the authentication access is remote, the administrator and customer user log-in credentials are checked in the remote RADIUS server or FortiAuthenticator user database. Local customer users cannot be used when remote authentication is selected. See Remote authentication using FortiAuthenticator, RADIUS server configuration , and Remote authentication - SSO .
    If you select RADIUS or SSO as the remote server, the system displays the View Roles button. Select this button to map the RADIUS (RADIUS Roles) or SSO (SSO Roles) roles with the local roles.

    If you select RADIUS as the remote server, the Authentication Protocol dropdown allows you to choose between CHAP or PAP authentication protocols.

    When you change the authentication configuration from local to remote or from remote to local, you must restart FortiPortal.
    Previous
    Next