Hot!Accessing Fortigate FG100D Gateway

Author
pureocean
New Member
  • Total Posts : 5
  • Scores: 0
  • Reward points: 0
  • Joined: 2019/02/12 00:01:39
  • Status: offline
2019/02/12 00:18:56 (permalink)
0

Accessing Fortigate FG100D Gateway

Hi 
I would need some help on this configuration, previously the system administrator configured the FD 100D to be accessible by 1 assigned laptop only ( not sure what type of the configuration) and other unassigned machines (pc/laptop) when entering the FD100D's  IP, its returned with error and "Not found". That's also meaning only "assigned" laptops are allowed to access the gateway.
 
May I know what type of configuration was configured, also I have checked the entry for access list but couldn't find anything neither the Mac address for "assigned" laptop 
 
many thanks in advance 
 
 
 
#1

5 Replies Related Threads

    Toshi Esumi
    Expert Member
    • Total Posts : 1623
    • Scores: 137
    • Reward points: 0
    • Joined: 2014/11/06 09:56:42
    • Status: offline
    Re: Accessing Fortigate FG100D Gateway 2019/02/12 08:27:42 (permalink)
    0
    The first option to limit admin access is "trusthost" config in "config sys admin".
    The second option would be "local-in policy" under "config firewall local-in-policy".
    Check those places.
    #2
    pureocean
    New Member
    • Total Posts : 5
    • Scores: 0
    • Reward points: 0
    • Joined: 2019/02/12 00:01:39
    • Status: offline
    Re: Accessing Fortigate FG100D Gateway 2019/02/13 04:21:24 (permalink)
    0
    toshiesumi
    The first option to limit admin access is "trusthost" config in "config sys admin".
    The second option would be "local-in policy" under "config firewall local-in-policy".
    Check those places.




    Hi Toshi san,
    As I check on both trust host and local in policy basically I cannot find any settings have configured to blocked the "assigned" machines.
     
    For trusthost -> Under System -> admin -> administrators -> username ( double click ) -> no check on Restrict this administrator login from trusted Hosts only
     
    For local-in policy, maybe can you elaborate more on as I don't find any signification settings on these issues or maybe I might be overlooked. Hope you can give me some guidelines.
    #3
    Toshi Esumi
    Expert Member
    • Total Posts : 1623
    • Scores: 137
    • Reward points: 0
    • Joined: 2014/11/06 09:56:42
    • Status: offline
    Re: Accessing Fortigate FG100D Gateway 2019/02/13 09:18:35 (permalink)
    0
    GUI would probably confuse you to look at local-in policy because those pre-defined ones are all "accept" except for the default one.
    Go to CLI, then use "show firewall local-in-policy". If nothing specifically configured, it doesn't show anything. Only additionally configured ones would show up.
    #4
    pureocean
    New Member
    • Total Posts : 5
    • Scores: 0
    • Reward points: 0
    • Joined: 2019/02/12 00:01:39
    • Status: offline
    Re: Accessing Fortigate FG100D Gateway 2019/02/13 20:22:24 (permalink)
    0
    toshiesumi
    GUI would probably confuse you to look at local-in policy because those pre-defined ones are all "accept" except for the default one.
    Go to CLI, then use "show firewall local-in-policy". If nothing specifically configured, it doesn't show anything. Only additionally configured ones would show up.




    Hi Toshi San,
     
    I tried the Command line - "show firewall local-in-policy", it doesn't show anything and with a single word of "end".
     
    Apart from using trust host and local-in-policy are there any other ways configuring "assigned" laptop to connect to Gateway 
    #5
    Toshi Esumi
    Expert Member
    • Total Posts : 1623
    • Scores: 137
    • Reward points: 0
    • Joined: 2014/11/06 09:56:42
    • Status: offline
    Re: Accessing Fortigate FG100D Gateway 2019/02/14 09:13:28 (permalink)
    0
    As long as both two machines are connected through the same interface, those are the only options I know of to block one of them while accept the other.
    #6
    Jump to:
    © 2019 APG vNext Commercial Version 5.5