Fortinet white logo
Fortinet white logo

FortiVoice Gateway Administration Guide

Configuring administrator accounts

Configuring administrator accounts

The System > Administrator > Administrator tab displays a list of the FortiVoice Gateway’s administrator accounts and the trusted host IP addresses administrators use to log in (if configured).

By default, FortiVoice Gateway has a single administrator account, admin.

Prerequisite

If you want to create or edit an admin profile, perform this task on the FortiVoice phone system first. For more details about the admin profile, see the Configuring administrator profiles section in the FortiVoice Phone System Administration Guide.

To view administrator accounts, go to System > Administrator > Administrator. The following table includes the GUI fields and descriptions.

GUI field

Description

Enabled

Displays the administrator status.

Name

Displays the name for this administrator account.

Admin profile

The administrator profile that determines which functional areas the administrator account can view or affect.

Authentication Type

The administrator authentication type: Local, RADIUS, LDAP, or Single Sign On.

Authentication Profile

The LDAP authentication profile.

Trusted Hosts

Displays the IP address and netmask from which the administrator can log in.

To configure administrator accounts

  1. Go to System > Administrator > Administrator.
  2. Click New to add an account.

    An Administrator dialog appears.

  3. Configure the following fields:

    GUI field

    Description

    Enabled

    Click to activate the administrator status. By default, this is enabled.

    Administrator

    Enter the name for this administrator account.

    The name can contain numbers (0‑9), uppercase and lowercase letters (A‑Z, a‑z), hyphens ( - ), and underscores ( _ ). Other special characters and spaces are not allowed.

    Email address

    Enter the administrator’s email address.

    Admin profile

    Select the name of an admin profile that determines which functional areas the administrator account can view or affect.

    Authentication type

    Select an administrator authentication type: Local, RADIUS, LDAP, or Single Sign On.

    New password

    This field does not appear if Authentication type is LDAP.

    Enter the password for this account.

    The password can contain any character except spaces.

    Caution

    Enter a FortiVoice administrator password that has six characters or more. For better security, enter a password with a complex combination of characters and numbers, and change the password regularly. Failure to provide a strong password could compromise the security of your FortiVoice Gateway unit.

    Confirm password

    Enter the account password again to confirm it.

    RADIUS profile

    If you select RADIUS for Authentication Type, select a RADIUS authentication profile.

    If you want to create a new RADIUS profile, click +.

    LDAP profile

    If you select LDAP for Authentication Type, select an LDAP authentication profile.

    Trusted hosts type

    Select a trusted host type:

    • User defined: Add details about the hosts in Trusted Hosts.
    • RFC 1918 predefined: The FortiVoice Gateway unit allows connections from any private IP addresses specified by the request for comment 1918 (RFC 1918).

    Trusted hosts

    Enter an IPv4 or IPv6 address or subnet from which this administrator can log in.

    If you want the administrator to access the FortiVoice Gateway unit from any IP address, use 0.0.0.0/0.0.0.0.

    Enter the IP address and netmask in dotted decimal format. For example, you might permit the administrator to log in to the FortiVoice Gateway unit from your private network by typing 192.168.1.0/255.255.255.0.

    Note

    For additional security, restrict all trusted host entries to administrative hosts on your trusted private network. For example, if your FortiVoice administrators log in only from the 10.10.10.10/24 subnet, to prevent possibly fraudulent login attempts from unauthorized locations, you could configure that subnet in the Trusted Host #1, Trusted Host #2, and Trusted Host #3 fields.

    For information about restricting administrative access protocols that can be used by these hosts, see Creating or editing network interfaces.

    Click the + sign to add additional IP addresses or subnets from which the administrator can log in.

    Select language

    Select this administrator account’s preference for the display language of the web-based manager.

    Select theme

    Select this administrator account’s preference for the display theme or click Use Current to choose the theme currently in effect.

    The administrator may switch the theme at any time during a session by clicking Next Theme.

    Description

    Select Click to edit to enter any comments for the administrator account.

  4. Click Create.

Configuring administrator accounts

Configuring administrator accounts

The System > Administrator > Administrator tab displays a list of the FortiVoice Gateway’s administrator accounts and the trusted host IP addresses administrators use to log in (if configured).

By default, FortiVoice Gateway has a single administrator account, admin.

Prerequisite

If you want to create or edit an admin profile, perform this task on the FortiVoice phone system first. For more details about the admin profile, see the Configuring administrator profiles section in the FortiVoice Phone System Administration Guide.

To view administrator accounts, go to System > Administrator > Administrator. The following table includes the GUI fields and descriptions.

GUI field

Description

Enabled

Displays the administrator status.

Name

Displays the name for this administrator account.

Admin profile

The administrator profile that determines which functional areas the administrator account can view or affect.

Authentication Type

The administrator authentication type: Local, RADIUS, LDAP, or Single Sign On.

Authentication Profile

The LDAP authentication profile.

Trusted Hosts

Displays the IP address and netmask from which the administrator can log in.

To configure administrator accounts

  1. Go to System > Administrator > Administrator.
  2. Click New to add an account.

    An Administrator dialog appears.

  3. Configure the following fields:

    GUI field

    Description

    Enabled

    Click to activate the administrator status. By default, this is enabled.

    Administrator

    Enter the name for this administrator account.

    The name can contain numbers (0‑9), uppercase and lowercase letters (A‑Z, a‑z), hyphens ( - ), and underscores ( _ ). Other special characters and spaces are not allowed.

    Email address

    Enter the administrator’s email address.

    Admin profile

    Select the name of an admin profile that determines which functional areas the administrator account can view or affect.

    Authentication type

    Select an administrator authentication type: Local, RADIUS, LDAP, or Single Sign On.

    New password

    This field does not appear if Authentication type is LDAP.

    Enter the password for this account.

    The password can contain any character except spaces.

    Caution

    Enter a FortiVoice administrator password that has six characters or more. For better security, enter a password with a complex combination of characters and numbers, and change the password regularly. Failure to provide a strong password could compromise the security of your FortiVoice Gateway unit.

    Confirm password

    Enter the account password again to confirm it.

    RADIUS profile

    If you select RADIUS for Authentication Type, select a RADIUS authentication profile.

    If you want to create a new RADIUS profile, click +.

    LDAP profile

    If you select LDAP for Authentication Type, select an LDAP authentication profile.

    Trusted hosts type

    Select a trusted host type:

    • User defined: Add details about the hosts in Trusted Hosts.
    • RFC 1918 predefined: The FortiVoice Gateway unit allows connections from any private IP addresses specified by the request for comment 1918 (RFC 1918).

    Trusted hosts

    Enter an IPv4 or IPv6 address or subnet from which this administrator can log in.

    If you want the administrator to access the FortiVoice Gateway unit from any IP address, use 0.0.0.0/0.0.0.0.

    Enter the IP address and netmask in dotted decimal format. For example, you might permit the administrator to log in to the FortiVoice Gateway unit from your private network by typing 192.168.1.0/255.255.255.0.

    Note

    For additional security, restrict all trusted host entries to administrative hosts on your trusted private network. For example, if your FortiVoice administrators log in only from the 10.10.10.10/24 subnet, to prevent possibly fraudulent login attempts from unauthorized locations, you could configure that subnet in the Trusted Host #1, Trusted Host #2, and Trusted Host #3 fields.

    For information about restricting administrative access protocols that can be used by these hosts, see Creating or editing network interfaces.

    Click the + sign to add additional IP addresses or subnets from which the administrator can log in.

    Select language

    Select this administrator account’s preference for the display language of the web-based manager.

    Select theme

    Select this administrator account’s preference for the display theme or click Use Current to choose the theme currently in effect.

    The administrator may switch the theme at any time during a session by clicking Next Theme.

    Description

    Select Click to edit to enter any comments for the administrator account.

  4. Click Create.