Initial Configuration in Basic Mode

Configuring basic system and mail settings

The Settings menu lets you view, edit and modify many settings you made using the Quick Start Wizard. Further, it contains configuration options not found on the wizard.

Changing time settings and managing administrators

The Configuration menu item contains two tabs. One lets you change system time. The other lets you create and edit administrator accounts.

Configuring time

You can change the time options you made with the wizard. Go to Settings > Configuration > Time.

Figure 26:Time settings dialog

This tab contains the same time options as the equivalent page in the wizard. You can change the time zone, refresh the system time, set a specific date, or synchronize with an NTP server.

See “Step 2: Configuring the network settings and system time” on page 35 for details.

Configuring administrators

  1. Go to Settings > Configuration > Administrator.

This tab lets you create new administrators and assign them an access profile. The access profile sets the administrators scope (domain-wide or system-wide) and permissions.

Figure 27:Administrator tab

  1. Click New to begin creating a new administrator.

A dialog appears.

  1. Configure the following:
Administrator Enter the name for this administrator account.
Domain Select the entire FortiMail unit (System) or name of a protected domain, such as example.com,to which this administrator account will be assigned.

Note: If Domain names a protected domain (that is, System was not selected), the administrator cannot use the CLI, nor basic mode of the web UI.

Password

Confirm password

For a new administrator, enter this account’s password twice.

The password can contain any character except spaces.

These fields do not appear if Auth type is not Local or RADIUS+Local.

Caution: Do not enter a FortiMail administrator password less than six characters long. For better security, enter a longer password with a complex combination of characters and numbers, and change the password regularly. Failure to provide a strong password could compromise the security of your FortiMail unit.

Trusted Host #1 Enter an IP address or subnet from which this administrator can log in. This is optional.

If you want the administrator to access the FortiMail unit from any IP address, leave the default 0.0.0.0/0.0.0.0.

To limit access to a trusted host, enter the IP address and netmask in dotted decimal format. For example, you might permit the administrator to log in to the FortiMail unit from your private network by typing

192.168.1.0/255.255.255.0.

Note: For additional security, restrict all trusted host entries to administrative hosts on your trusted private network. For example, if your FortiMail administrators log in only from the 10.10.10.10/26 subnet, to prevent possibly fraudulent login attempts from unauthorized locations, you could configure that subnet in the Trusted Host #1, Trusted Host #2, and Trusted Host #3 fields.

Trusted Host #2 Enter an IP address or subnet from which this administrator can log in.
Trusted Host #3 Enter an IP address or subnet from which this administrator can log in.
Access profile Select an existing access profile that determines which functional areas the administrator account may view or affect. You can create and edit profiles only in advanced mode.
Management mode Select which display mode, Basic or Advanced, the web UI will initially display when this administrator logs in.

The administrator can switch the mode at any time.

Auth type Select the local or remote type of authentication that the administrator can use:

•      Local

•      RADIUS

•      RADIUS+Local

•      PKI

Note: RADIUS and PKI authentication require that you first configure a RADIUS authentication profile or PKI user in advanced mode of the web UI.

Select language Select this administrator account’s preference for the display language of the web UI.
Select theme Select which theme the web UI will initially display when this administrator logs in.

The administrator can switch the theme at any time.

  1. Click Create.

On this tab your can also:

  • select an administrator and click Edit to change settings
  • select an administrator and click Delete to remove it You cannot modify or delete the default administrator.
This entry was posted in Administration Guides, FortiMail and tagged , , , on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.