60 01-28007-0068-20041203 Fortinet Inc.
Zone settings System network
Controlling administrative access to a FortiGate interface connected to the Internet
allows remote administration of the FortiGate unit from any location on the Internet.
However, allowing remote administration from the Internet could compromise the
security of the FortiGate unit. You should avoid allowing administrative access for an
interface connected to the Internet unless this is required for your configuration. To
improve the security of a FortiGate unit that allows remote administration from the
Internet:
• Use secure administrative user passwords,
• Change these passwords regularly,
• Enable secure administrative access to this interface using only HTTPS or SSH,
• Do not change the system idle timeout from the default value of 5 minutes (see “To
set the system idle timeout” on page 83).
Figure 10: Management
To configure the management interface
1 Go to System > Network > Management.
2 Enter the Management IP/Netmask.
3 Enter the Default Gateway.
4 Select the Management Virtual Domain.
5 Select Apply.
The FortiGate unit displays the following message:
Management IP address was changed. Click here to redirect.
6 Click on the message to connect to the new Management IP.
Management
IP/Netmask
Enter the management IP address and netmask. This must be a valid IP
address for the network that you want to manage the FortiGate unit
from.
Default
Gateway
Enter the default gateway address.
Management
Virtual Domain
Select the virtual domain from which you want to perform system
management.