USD ($)
$
United States Dollar
India Rupee
Your cart is empty
Empty notifications
Login Register

Lab 1: Controlling Management Access

Lesson 1/22 | Study Time: 60 Min
Course: FortiGate Lab Workbooks: NSE Lab Guide
Lab 1: Controlling Management Access

Tasks

1.1 Use a browser installed on your local system to connect to the FortiGate firewall

 ✓ Use HTTP and management address 192.168.250.x

 ✓ Authenticate using credentials listed on the topology

1.2 Modify administrative access settings

 ✓ Disable SSH on Port1

 ✓ Enable HTTP and HTTPS access

 ✓ Enable Ping access

 ✓ The system should listen for incoming HTTPS connections on port 8443

 ✓ Set the GUI idle timeout to 10 minutes


Configuration and Verifications 

Power On FortiGate

The FortiGate firewall is in default mode i.e., in factory default with the evaluation license which has validity of 15 days. When evaluation license expires system is unusable, so license needs to reset. To reset the evaluation license on CLI use command "execute factoryreset2". Note: The configurations are not lost when license is reset using the mentioned command.


By taking the console, login to FortiGate using username "admin" and without password (however you have to set the password at first login) set the password as "admin" 


Power On SW01

The FortiGate Port1 is configured as DHCP and receives IP address dynamically from MGMT cloud where DHCP server is pre-configured. Verify Port 1 configuration. Note: Sometimes it takes 5-10 min for the FortiGate Port1 to get an IP address from the DHCP server after power on the switch SW01.


As you can see on the above screenshot, FortiGate Port1 is getting an IP address of 192.168.250.41, This is the management IP, using which you can access FortiGate via HTTP on your local system. However, HTTP is not allowed, so allow HTTP on Port1. Note: In Default FortiGate configuration does not save automatically. In order to save configuration automatically, you need to set it as follows.



Once HTTP is allowed on port1, you can take its GUI from your local system (Local system should also have IP address in the same subnet) and login to FortiGate using credentials admin/admin


It will ask you to complete the setup but as of now you can click on Later. Also skip the video if there is any.


The first screen you see after login is the FortiGate dashboard status, wherein you can do all the management of the firewall. As you can see the current software version is 7.0 and based on KVM.


As per the task, you need to modify the administrative access on FortiGate port1. Enable Ping, Disable SSH and enable HTTPs. Go to Network -> Interfaces, select port1 and click on Edit. Here tick and untick the 


Here in the administrative access section, tick and untick the appropriate the access. 


Now HTTPs should listen on port 8443 with self-signed certificate, and GUI idle time is 10 minutes. Go to System -> Settings, under Administration Settings change Idle time to 10 from 5 (default) and also change the HTTPs port to 8443 from 443 and click on Apply.



Previous Lesson Next Lesson
Deepak Sharma

Deepak Sharma

Product Designer
★★★★★ 4.95
Loyal User
Expert Vendor
Golden Classes
King Seller
Fantastic Support
Loyal Writer
Profile Book a Meeting

Class Sessions

1- Lab 1: Controlling Management Access 2- Lab 2: Deploying Interfaces 3- Lab 3: Configure Routing 4- Lab 4: Configuring Basic Setting 5- Lab 5: Creating Security Zones 6- Lab 6: Creating Objects and Groups 7- Lab 7: Deploying Firewall Policies 8- Lab 8: Enabling Source NAT 9- Lab 9: Enabling Destination NAT 10- Lab 10: Configure Other Policies 11- Lab 11: Controlling Applications 12- Lab 12: Building Web Filtering 13- Lab 13: Configuring Antivirus 14- Lab 14: Building Intrusion Prevention 15- Lab 15: Enabling Policy Mode 16- Lab 16: Enabling User Authentication 17- Lab 17: Implementing Site-to-Site VPN 18- Lab 18: Implementing SSL VPN 19- Lab 19: Integrating FortiGate 20- Lab 20: Using FortiManager 21- Lab 21: Integrating FortiAnalyzer 22- Lab 22: Using FortiAnalyzer