Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
irfanink
New Contributor

Configuration of New Device

I have a new device 60 E with wireless facility . but when i try to connect with web with the ip of 192.168.1.99 its doesn't connect and through wifi of fortinet i can connect , secondly when i am configuring WAN interface and give public ip it give me error that ip is already use by other device 

5 REPLIES 5
Neophron
New Contributor

I'm not sure how you are connecting at this point. if it's your first time connecting to this FGT, and it's clean out of the

box then you need to connect with UTP on port 1, secondly remember that you need to configure your own ranges. Out of the box it will have only 192.168.1.0/24, if your lan is on another subnet, you won't be able to connect unless you configure a vlan / interface with that subnet and FGT-management switched on.

below the credential setup that should work when you connect on port 1 of the FGT. you will get a DHCP address from port 1, or you can configure your own interface on your pc / laptop somewhere in the 192.168.1.0/24 subnet.

 

Network Interface port1 URL https://192.168.1.99/                      Administrator Account admin Password

irfanink

Actually when i am trying to connect with fortigate device through web but i cant while i try to login with https://192.168.1.99. so then i connect with fortigate wifi , and when i am connected with fortigate wifi then i give a Lan ip to it for access but when i want to  contact with fortigate device then  i will 1st contact with fortigate wifi while the ip which is same in all network . i cant ping to it if i am not contect with fortigate wifi .

Neophron

you should connect to port 1 of the FGT, and configure your interface on your management machine to 192.168.1.2/24 below are the steps you can follow, in a factory default this should always work. if not, you could raise a ticket with fortinet support.

1.  On your management computer, configure the Ethernet port with the static IP address 192.168.1.2 with a netmask of 255.255.255.0.

2.  Using the Ethernet cable, connect your computer’s Ethernet port to the FortiWeb appliance’s port1.

3.  Start your browser and enter the following URL:

https://192.168.1.99/

(Remember to include the “s” in [link]https://.)[/link]

Your browser connects the appliance.

If you do not see the login page due to an SSL cipher error during the connection, and you are connecting to the trial license of FortiWeb-VM or a LENC version of FortiWeb, then your browser must be configured to accept encryption of 64-bit strength or less during the handshake. (RC2, RC4, and DES with less than 64-bit strength is supported. AES and 3DES is not supported in these versions.)

For example, in Mozilla Firefox, if you receive this error message:

ssl_error_no_cypher_overlap

you may need to enter about:config in the URL bar, then set security.ssl3.rsa.rc4_40_md5 to true.

To support HTTPS authentication, the FortiWeb appliance ships with a self-signed security certificate, which it presents to clients whenever they initiate an HTTPS connection to the FortiWeb appliance. When you connect, depending on your web browser and prior access of the FortiWeb appliance, your browser might display two security warnings related to this certificate:

[ul]The certificate is not automatically trusted because it is self-signed, rather than being signed by a valid certificate authority (CA). Self-signed certificates cannot be verified with a proper CA, and therefore might be fraudulent. You must manually indicate whether or not to trust the certificate.The certificate might belong to another web site. The common name (CN) field in the certificate, which usually contains the host name of the web site, does not exactly match the URL you requested. This could indicate server identity theft, but could also simply indicate that the certificate contains a domain name while you have entered an IP address. You must manually indicate whether this mismatch is normal or not.[/ul]Both warnings are normal for the default certificate. SSL v3 and TLS v1.0 are supported.

4.  Verify and accept the certificate, either permanently (the web browser will not display the self-signing warning again) or temporarily. You cannot log in until you accept the certificate.

For details on accepting the certificate, see the documentation for your web browser.

5.  In the Name field, type admin, then click Login. (In its default state, there is no password for this account.)

Login credentials entered are encrypted before they are sent to the FortiWeb appliance. If your login is successful, the web UI appears. To continue by updating the firmware, see Updating the firmware. Otherwise, to continue by setting an administrative password, see Changing the “admin” account password.

aagrafi

Are you sure that this is an out of the box device? The behavior you are describing sounds like the FortiGate is not carrying the factory default configuration.

 

Also, you say that you can access the FortiGate through WiFi, right? Can you HTTPS or SSH the device via WiFi? Can you connect the device with the default credentials (admin/no password)?

 

Anyway, you can try accessing the device through the USB console and see what's going on.

rwpatterson
Valued Contributor III

With a Fortigate, you cannot treat it like a home Netgear or Linksys device. Setting the WiFi with the same subnet as the LAN interfaces out of the box won't work. Each interface needs to route to the others, until you make a soft switch and aggregate your wanted interfaces there.  That's for a far later time. Let's get you up first. If you can connect via WiFi, don't mess with those settings yet or you may lock yourself out.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
Labels
Top Kudoed Authors