DescriptionBy default, one account is available to login, which is 'admin'.
If in case multiple users needs to manage the firewall with their own credentials, users to access the firewall can be created.
This article describes how to create multiple administrators to access the firewall.
SolutionCreating administrators.1) Go to System -> Administrators and create a new account. Set' User Name' and 'Password'.2) Set Administrator Profile to 'super_admin'. This profile allows the administrator full access to configure the FortiGate.
3) Log out of the FortiGate and log in using the new account.
4) To secure the FortiGate, change the name and password of the default admin account is recommended.
Go to System -> Administrators and edit the default account. Change the 'User Name'.
5) Select 'Change Password' to add a password to this account.
6) Configure an administrative account to be accessible only to someone who is using a trusted host. Set a specific IP address for the trusted host or use a subnet.
- Go to System -> Administrators and edit the default admin account.
- Enable Restrict login to trusted hosts. Set Trusted Host 1 to the static IP address of the computer which is used to administer the FortiGate.
- If required, set additional trusted hosts.
Results.
1) Attempt to log in using the original credentials for the default account. Access is denied.
2) Log in using the new credentials for the default account. Access is granted.
3) Go to Log & Report -> System Events. The successful and failed login attempts in the events list are visible.