FortiWAN Administration

Administration

Go to System > Administration, Administration lets you perform administrative tasks, including changing passwords of Administrator and Monitor. Every FortiWAN is shipped with the same default passwords. For security concerns, it is thus strongly recommended that the passwords shall be changed.

By default, FortiWAN uses 443 as the Web UI login port. And it allows administrators to change the port, to avoid possible port conflict caused for virtual server services.

Update/downgrade section enables to update or downgrade firmwares once new firmwares are available (from our website or dealers). Simply click the Update/Downgrade button and follow exactly the on-screen instructions.

Configuration Files gives you the ability to back up configuration files, by clicking the [Save] button. Or you can click [Restore] to reload the previous backup files to FortiWAN. System configurations can be recovered from failures via the backup configuration files.

In Maintenance, you can restore factory default configurations and reboot FortiWAN. Due to the limitation of HTML syntax, no hint displays after reboot has been completed. Thus you have to wait about two minutes before navigating to Web UI in browser.

Administrator and Monitor Password

FortiWAN maintains a common local authentication database for its Web UI, CLI and SSH login (See

“Connecting to the Web UI and the CLI”). Accounts for authentication are classified into two groups,

Administrator and Monitor, with different permissions. Accounts belonging to Administrator have the permission to monitor and modify system parameters via Web UI, CLI and SSH login, while limited operations are allowed (monitor system information and traffic statistics via Web UI ONLY) to accounts belonging to Monitor.

Configurations applying, system administrations (managements introduced in this topic), Tunnel Routing Benchmark, CLI access and SSH login are invalid for Monitor group. Note that page System > Administration is not available to Monitor accounts.

Default account/password

While the first time you login to Web UI, you see the default accounts here. “Administrator” and “admin” are the default accounts of group Administrator, and “Monitor” is the default account of group Monitor. Passwords of accounts “Administrator” and “Monitor” are “1234” and “5678” respectively; password of account “admin” is null (See “Appendix A: Default Values”). All the accounts (default and customized) of group Administrator are able to log into Web UI, CLI and SSH login. All the accounts are case sensitive.

Create, modify and delete the account and password for Administrators or Monitors.

Select Account You can select and configure an account (old or new). If you select the current login account, [Add Account] button will change to [Set Account].
New Account Allows you to add a new account. Enter the new account ID here.
New Password Enter the new password after you have added or modified an account.
Password Verification Confirm the new password.

Event notifications via SNMP trap

You can receive notification via SNMP trap for any modification of the FortiWAN’s account. Configure the SNMP manager on your FortiWAN and enable the event type “Account change” to notify (See “Notification”), then notification will be delivered to your SNMP manager for the events. The correspondent MIB fields and OIDs are listed as following:

SNMP field names and OIDs

MIB Field OID Description
fwnEventAdminAccountPwChanged 1.3.6.1.4.1.12356.118.3.1.1.1 Send event notification when the password of an account in Administrator group is changed.
fwnEventAdminAccountAdded 1.3.6.1.4.1.12356.118.3.1.1.2 Send event notification when an account is added into Administrator group.
fwnEventAdminAccountRemoved 1.3.6.1.4.1.12356.118.3.1.1.3 Send event notification when an account is removed from Administrator group.
fwnEventMonitorAccountPwChanged 1.3.6.1.4.1.12356.118.3.1.1.4 Send event notification when the password of an account in Monitor group is changed.
fwnEventMonitorAccountAdded 1.3.6.1.4.1.12356.118.3.1.1.5 Send event notification when an account is added into Monitor group.
fwnEventMonitorAccountRemoved 1.3.6.1.4.1.12356.118.3.1.1.6 Send event notification when an account is removed from Monitor group.
This entry was posted in Administration Guides, FortiWAN on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.