Fortinet Document Library

Version:


Table of Contents

FortiGate-VM on KVM

Resources

Upgrade Path Tool
  • Select version:
  • 6.0
6.0.0
Download PDF
Copy Link

Configure port 1

VM platform or hypervisor management environments include a guest console window. On the FortiGate VM, this provides access to the FortiGate console, equivalent to the console port on a hardware FortiGate unit. Before you can access the GUI, you must configure FortiGate VM port1 with an IP address and administrative access.

To configure the port1 IP address:
  1. In your hypervisor manager, start the FortiGate VM and access the console window.
    You might need to press Enter to see a login prompt.
  2. At the FortiGate VM login prompt enter the username admin. By default there is no password. Press Enter.
  3. Using CLI commands, configure the port1 IP address and netmask. Also, HTTP access must be enabled because until it is licensed the FortiGate VM supports only low-strength encryption. HTTPS access will not work.
    For example:
    config system interface
    edit port1
    set ip 192.168.0.100 255.255.255.0
    append allowaccess http
    end

    note icon You can also use the append allowaccess CLI command to enable other access protocols, such as auto-ipsec, http, probe-response, radius-acct, snmp, and telnet. The ping, https, ssh, and fgfm protocols are enabled on the port1 interface by default.
  4. To configure the default gateway, enter the following CLI commands:
    config router static
    edit 1
    set device port1
    set gateway <class_ip>
    end
    caution icon You must configure the default gateway with an IPv4 address. FortiGate VM needs to access the Internet to contact the FortiGuard Distribution Network (FDN) to validate its license.
  5. To configure your DNS servers, enter the following CLI commands:
    config system dns
    set primary <Primary DNS server>
    set secondary <Secondary DNS server>
    end
    note icon The default DNS servers are 208.91.112.53 and 208.91.112.52.

Resources

Configure port 1

VM platform or hypervisor management environments include a guest console window. On the FortiGate VM, this provides access to the FortiGate console, equivalent to the console port on a hardware FortiGate unit. Before you can access the GUI, you must configure FortiGate VM port1 with an IP address and administrative access.

To configure the port1 IP address:
  1. In your hypervisor manager, start the FortiGate VM and access the console window.
    You might need to press Enter to see a login prompt.
  2. At the FortiGate VM login prompt enter the username admin. By default there is no password. Press Enter.
  3. Using CLI commands, configure the port1 IP address and netmask. Also, HTTP access must be enabled because until it is licensed the FortiGate VM supports only low-strength encryption. HTTPS access will not work.
    For example:
    config system interface
    edit port1
    set ip 192.168.0.100 255.255.255.0
    append allowaccess http
    end

    note icon You can also use the append allowaccess CLI command to enable other access protocols, such as auto-ipsec, http, probe-response, radius-acct, snmp, and telnet. The ping, https, ssh, and fgfm protocols are enabled on the port1 interface by default.
  4. To configure the default gateway, enter the following CLI commands:
    config router static
    edit 1
    set device port1
    set gateway <class_ip>
    end
    caution icon You must configure the default gateway with an IPv4 address. FortiGate VM needs to access the Internet to contact the FortiGuard Distribution Network (FDN) to validate its license.
  5. To configure your DNS servers, enter the following CLI commands:
    config system dns
    set primary <Primary DNS server>
    set secondary <Secondary DNS server>
    end
    note icon The default DNS servers are 208.91.112.53 and 208.91.112.52.