Settings
Use the system settings to configure general settings for administration access, password policies, system time settings, and display settings.
Go to System > Settings to configure system settings.
Configure the following settings and then select Apply:
System Settings |
|
Host name |
The host name of the FortiProxy unit. The only administrators that can change a host name are administrators whose admin profiles permit system configuration write access. If the FortiProxy unit is part of an HA cluster, you should use a unique host name to distinguish the FortiProxy unit from others in the cluster. |
System Time |
|
Time Zone |
Select the time zone of your FortiProxy unit. |
Set Time |
Select either NTP, PTP, or Manual settings.
|
Setup device as local NTP server |
Enable to configure the FortiProxy as a local NTP server. This option is not available if Set Time is PTP. In the Listen on Interfaces field, set the interface or interfaces that the FortiProxy will listen for NTP requests on. |
Administration Settings |
|
HTTP port |
Enter the TCP port to be used for administrative HTTP access. The default is 80. |
Redirect to HTTPS |
Enable Redirect to HTTPS to force redirection from HTTP to HTTPS. |
HTTPS port |
Enter the TCP port to be used for administrative HTTPS access. The default is 443. |
HTTPS server certificate |
Select Fortinet_Factory or search for a certificate. |
SSH port |
Enter the TCP port to be used for administrative SSH access. The default is 22. |
Telnet port |
Enter the TCP port to be used for administrative Telnet access. The default is 23. |
Idle timeout |
Change the time after which the GUI logs out idle system administration settings, from 1 to 480 minutes. |
ACME interface |
Select the interface that the ACME client will listen to for challenges to provision and renew certificates. |
Allow concurrent sessions |
Concurrent administrator sessions occur when multiple people concurrently access the FortiProxy unit using the same administrator account. This behavior is allowed by default. |
Password Policy |
|
Password Scope |
Select Admin, IPsec, or Both to change the policy for the administrator password. Select Off to apply no policy for the administrator password |
Minimum Length |
If you select Admin, IPsec, or Both, set the minimum acceptable length for passwords, from 8 to 128 characters. |
Character requirements |
If you select Admin, IPsec, or Both, select to enable special character types, upper or lower case letters, or numbers. Enter information for one or all of the following. Each selected type must occur at least once in the password.
|
Allow password reuse |
If you select Admin, you can select this option to allow passwords to be reused. |
Password expiration |
If you select Admin, IPsec, or Both, you can require administrators to change the password after a specified number of days. Enter the number of days in the field. The default is 90 days. |
View Settings |
|
Language |
The language the GUI uses: English, French, Spanish, Portuguese, Japanese, Traditional Chinese, Simplified Chinese, or Korean. You should select the language that the operating system of the management computer uses. |
Date/Time display |
Display the time in either the FortiProxy timezone or the Browser timezone. |
System Operation Settings | |
Virtual Domains |
Enable or disable VDOMs. |
Defining the password policy with a minimum character change
Administrators can set a minimum number of unique characters in the new password that do not exist in the old password. This setting overrides the password reuse option if both are enabled.
To configure the password policy in the GUI:
-
Go to System > Settings and navigate to the Password Policy section.
-
For Password scope, select Admin.
-
Enter a value for Minimum number of new characters.
-
Click Apply.
To configure the password policy in the CLI:
config system password-policy set status enable set min-change-characters <0-128> end