Configuring the public port numbers and domain name
If you configured a NAT/port forward address on your firewall/router, then you must configure FortiRecorder to use it. FortiRecorder uses the external-facing address and port number in features such as notifications. For example, notification email about motion detection contains a hyperlink with the Public Access Host name and Access Ports Service (Public port number), like this:
https://nvr.example.com:1443/admin/AdminLogin.html?nid=123...
Due to this, when you are out of the office, you can click the link regardless of where you are on the Internet, and be able to watch the motion detection clip on FortiRecorder.
Miscellaneous settings (for example, password strength and idle timeout for local administrator accounts) are also available on this page of the GUI.
- On FortiRecorder, go to System > Configuration > Options.
-
Configure the following settings:
Setting Name
Description
Enter the amount of time that a user may be inactive before the FortiRecorder unit automatically logs out the user.
For better security, use a low idle timeout value.
Enter text that you want to prompt the user to agree, such as an IT policy or legal disclaimer, then also configure when to display it:
Enable to display the text in Login disclaimer before the login dialog.
Enable to display the text inLogin disclaimer after the login dialog, but before the GUI menu or CLI command prompt appears.
Enter the minimum number of characters that a password must contain. The default value is 8.
If any password does not meet the requirements, FortiRecorder requires that user to change the password during the next login.
Set a strong password policy, especially for administrator accounts. If you don't, unauthorized persons could log into FortiRecorder and compromise security. Short, simple, and easily-guessed passwords are a security risk.
These password policy settings only apply to accounts that are local (defined on FortiRecorder). See also Configuring remote authentication.
Select your password complexity requirements:
- Uppercase letter
- Lowercase letter
- Number (0-9)
- Non alphanumeric character: Any special character that is not a letter of the US-ASCII alphabet or a number, such as an exclamation mark (
!
) or tilde (~
).
If any password does not meet the requirements, FortiRecorder requires that user to change the password during the next login.
Allow empty password
Enable to ignore Minimum password length and Password must contain and allow empty passwords.
Empty passwords effectively disable authentication, and are a security risk. Only enable this setting if:
- FortiRecorder is on an isolated network (not accessible from the Internet or office LAN)
- access is physically restricted to authorized persons
If you don't, unknown and unauthorized persons could log into FortiRecorder and compromise security.
If you configured NAT on a firewall/router (see Configuring NAT/port forwarding on your firewall/router), then type either an:
- IP address
- fully qualified domain name (FQDN), such as
nvr.example.com
, that Internet DNS servers can resolve into the above IP address
Devices on remote networks or the public Internet will connect through this address on the firewall/router for communications to the FortiRecorder.
This hostname may be different than the one in Host name.
For each network service (HTTPS etc.), configure:
- Local: Type the listening port number on FortiRecorder. Devices on the internal/private network connect directly to this port number.
-
Public: If you configured port forwarding on a firewall/router (see Configuring NAT/port forwarding on your firewall/router), then type the external/public port number on your firewall/router that forwards communications to the FortiRecorder port number in Local. Devices on remote networks or the public Internet will connect through this public port number on the firewall/router for communications to the FortiRecorder.
If you do not use port forwarding, then keep Public the same as Local.
By default, each service (protocol) on FortiRecorder uses IANA standard port numbers. See also Appendix A: Port numbers.
The FRC-Central port is used by both FortiCentral and FortiRecorder Mobile app.
- Click Apply.