Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Administration Guide

    Home FortiWeb 7.6.4 Administration Guide
    7.6.4
    8.0.3
    8.0.2
    8.0.1
    8.0.0
    7.6.7
    7.6.6
    7.6.5
    7.6.4
    7.6.3
    7.6.2
    7.6.1
    7.6.0
    7.4.12
    7.4.11
    7.4.10
    7.4.9
    7.4.8
    7.4.7
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.12
    7.2.11
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.3
    6.3.23
    6.2.8
    6.1.4
    5.7.0
    5.6.1
    5.6.0
    5.6.0

    Setting the system time & date

    Setting the system time & date

    You can either manually set the FortiWeb system time or configure the FortiWeb appliance to automatically keep its system time correct by synchronizing with a Network Time Protocol (NTP) server.

    For many features to work, including scheduling, logging, and SSL/TLS-dependent features, the FortiWeb system time must be accurate.
    To configure the system time via the web UI
    1. Go to System > Maintenance > System Time.

      2. The Time Settings dialog appears in a pop-up window.

      Alternatively, go to System > Status > Status. In the System Information widget, in the System Time row, click Change.

      To access this part of the web UI, your administrator's account access profile must have Read and Write permission to items in the Maintenance category. For details, see Permissions.

    2. For Time Zone, select the time zone where FortiWeb is located.
    3. If you want FortiWeb to automatically adjust its own clock when its time zone changes between daylight saving time (DST) and standard time, enable Automatically adjust clock for daylight saving changes.
    4. If you want FortiWeb to automatically synchronize its clock with an NTP server (recommended), select NTP in Set Time, then click Create New to add NTP servers.
      Server

      Specify a space-separated list of IP addresses or FQDNs for an NTP server or pool, such as pool.ntp.org.
      To find an NTP server, go to http://www.ntp.org.

      Ensure there are no duplicate entries. A server is deemed a duplicate if it shares the same IP address or hostname.

      AuthenticationEnable to apply authentication keys to secure the NTP server. This is disabled by default.
      IP Type

      The IP Type setting applies to the FQDNs used for the NTP server. (Undefined variable: Deployment Guide.ProductName) synchronizes time only with FQDN IP addresses that match the selected IP type.

      Select the IP type from the following:

      • V4

      • V6

      • Both

      The default option is V4.

      Key Type

      The Key Type option is available if Authentication is enabled.

      Select the key type from the following:

      • SHA1

      • SHA256

      • AES128

      • AES256

      The default option is SHA1.

      Key

      The Key option is available if Authentication is enabled.

      Specify the Key in hexadecimal format. The maximum length is 127 digits or characters.

      Key ID

      The Key ID option is available if Authentication is enabled.

      Specify the Key ID. The valid range is 0-65536

      Sync Interval

      Enter the interval at which FortiWeb makes requests to the NTP servers for system time synchronization.

      5. NTP requires that FortiWeb be able to connect to the Internet on UDP port 123.
    5. To manually set the time, select Manual Settings in Set Time, then enter the current date and time. The clock will be initialized with the manually specified time when you click OK.
    6. Click OK.

    If you manually configured the time, or if you enabled NTP and the NTP query for the current time succeeds, the new clock time should appear for the System Time in the System Information widget. (If the query reply is slow, you may need to wait a couple of seconds, then click Refresh to update the display in System time.)

    If the NTP query fails, the system clock will continue without adjustment. If FortiWeb’s time was 3 hours late, for example, the time will still be 3 hours late. Verify your DNS server IPs, your NTP server IP or name, routing, and that your firewalls or routers do not block or proxy UDP port 123.

    To configure NTP via the CLI

    To synchronize with an NTP server, enter the following commands:

    config system global

    set ntpsync enable

    set timezone <timezone_index>

    set ntpserver {<server_fqdn> | <server_ipv4> | <server_ipv6>}

    end

    where:

    • <timezone_index> is the index number of the time zone in which the FortiWeb appliance is located (to view the list of valid time zones and their associated index numbers, enter a question mark)
    • {<server_fqdn> | <server_ipv4> | <server_ipv6>} is a choice of either the IPv4 address, IPv6 address, or fully qualified domain name (FQDN) of the NTP server, such as pool.ntp.org

    If your NTP query succeeds, the new clock time should appear when you enter the command:

    execute time

    If the NTP query fails, the system clock will continue without adjustment. If FortiWeb’s time was 3 hours late, for example, the time will still be 3 hours late. Verify your DNS server IPs, your NTP server IP or name, routing, and that your firewalls or routers do not block or proxy UDP port 123.

    To manually set the date and time via the CLI

    To manually configure the FortiWeb appliance’s system time and disable the connection to an NTP server, enter the following commands:

    config system global

    set ntpsync disable

    set timezone <timezone_index>

    set dst {enable | disable}

    end

    execute time <time_str>

    execute date <date_str>

    where:

    • <timezone_index> is the index number of the time zone in which the FortiWeb appliance is located (to view the list of valid time zones and their associated index numbers, enter a question mark)
    • dst {enable | disable} is a choice between enabling or disabling daylight saving time (DST) clock adjustments
    • <time_str> is the time for the time zone in which the FortiWeb appliance is located according to a 24-hour clock, formatted as hh:mm:ss (hh is the hour, mm is the minute, and ss is the second)
    • <date_str> is the date for the time zone in which the FortiWeb appliance is located, formatted as yyyy-mm-dd (yyyy is the year, mm is the month, and dd is the day)
    See also
    Previous
    Next

    Setting the system time & date

    Setting the system time & date

    You can either manually set the FortiWeb system time or configure the FortiWeb appliance to automatically keep its system time correct by synchronizing with a Network Time Protocol (NTP) server.

    For many features to work, including scheduling, logging, and SSL/TLS-dependent features, the FortiWeb system time must be accurate.
    To configure the system time via the web UI
    1. Go to System > Maintenance > System Time.

      2. The Time Settings dialog appears in a pop-up window.

      Alternatively, go to System > Status > Status. In the System Information widget, in the System Time row, click Change.

      To access this part of the web UI, your administrator's account access profile must have Read and Write permission to items in the Maintenance category. For details, see Permissions.

    2. For Time Zone, select the time zone where FortiWeb is located.
    3. If you want FortiWeb to automatically adjust its own clock when its time zone changes between daylight saving time (DST) and standard time, enable Automatically adjust clock for daylight saving changes.
    4. If you want FortiWeb to automatically synchronize its clock with an NTP server (recommended), select NTP in Set Time, then click Create New to add NTP servers.
      Server

      Specify a space-separated list of IP addresses or FQDNs for an NTP server or pool, such as pool.ntp.org.
      To find an NTP server, go to http://www.ntp.org.

      Ensure there are no duplicate entries. A server is deemed a duplicate if it shares the same IP address or hostname.

      AuthenticationEnable to apply authentication keys to secure the NTP server. This is disabled by default.
      IP Type

      The IP Type setting applies to the FQDNs used for the NTP server. (Undefined variable: Deployment Guide.ProductName) synchronizes time only with FQDN IP addresses that match the selected IP type.

      Select the IP type from the following:

      • V4

      • V6

      • Both

      The default option is V4.

      Key Type

      The Key Type option is available if Authentication is enabled.

      Select the key type from the following:

      • SHA1

      • SHA256

      • AES128

      • AES256

      The default option is SHA1.

      Key

      The Key option is available if Authentication is enabled.

      Specify the Key in hexadecimal format. The maximum length is 127 digits or characters.

      Key ID

      The Key ID option is available if Authentication is enabled.

      Specify the Key ID. The valid range is 0-65536

      Sync Interval

      Enter the interval at which FortiWeb makes requests to the NTP servers for system time synchronization.

      5. NTP requires that FortiWeb be able to connect to the Internet on UDP port 123.
    5. To manually set the time, select Manual Settings in Set Time, then enter the current date and time. The clock will be initialized with the manually specified time when you click OK.
    6. Click OK.

    If you manually configured the time, or if you enabled NTP and the NTP query for the current time succeeds, the new clock time should appear for the System Time in the System Information widget. (If the query reply is slow, you may need to wait a couple of seconds, then click Refresh to update the display in System time.)

    If the NTP query fails, the system clock will continue without adjustment. If FortiWeb’s time was 3 hours late, for example, the time will still be 3 hours late. Verify your DNS server IPs, your NTP server IP or name, routing, and that your firewalls or routers do not block or proxy UDP port 123.

    To configure NTP via the CLI

    To synchronize with an NTP server, enter the following commands:

    config system global

    set ntpsync enable

    set timezone <timezone_index>

    set ntpserver {<server_fqdn> | <server_ipv4> | <server_ipv6>}

    end

    where:

    • <timezone_index> is the index number of the time zone in which the FortiWeb appliance is located (to view the list of valid time zones and their associated index numbers, enter a question mark)
    • {<server_fqdn> | <server_ipv4> | <server_ipv6>} is a choice of either the IPv4 address, IPv6 address, or fully qualified domain name (FQDN) of the NTP server, such as pool.ntp.org

    If your NTP query succeeds, the new clock time should appear when you enter the command:

    execute time

    If the NTP query fails, the system clock will continue without adjustment. If FortiWeb’s time was 3 hours late, for example, the time will still be 3 hours late. Verify your DNS server IPs, your NTP server IP or name, routing, and that your firewalls or routers do not block or proxy UDP port 123.

    To manually set the date and time via the CLI

    To manually configure the FortiWeb appliance’s system time and disable the connection to an NTP server, enter the following commands:

    config system global

    set ntpsync disable

    set timezone <timezone_index>

    set dst {enable | disable}

    end

    execute time <time_str>

    execute date <date_str>

    where:

    • <timezone_index> is the index number of the time zone in which the FortiWeb appliance is located (to view the list of valid time zones and their associated index numbers, enter a question mark)
    • dst {enable | disable} is a choice between enabling or disabling daylight saving time (DST) clock adjustments
    • <time_str> is the time for the time zone in which the FortiWeb appliance is located according to a 24-hour clock, formatted as hh:mm:ss (hh is the hour, mm is the minute, and ss is the second)
    • <date_str> is the date for the time zone in which the FortiWeb appliance is located, formatted as yyyy-mm-dd (yyyy is the year, mm is the month, and dd is the day)
    See also
    Previous
    Next