The following section provides information about setting up the Virtual Machine (VM) version of the product.
Before using FortiAuthenticator-VM, you need to install the VMware application to host the FortiAuthenticator-VM device. The installation instructions for FortiAuthenticator-VM assume you are familiar with VMware products and terminology.
For information on the FortiAuthenticator-VM system requirements, please see the product datasheet available at http://www.fortinet.com/products/fortiauthenticator.
FortiAuthenticator-VM has kernel support for more than 4GB of RAM in VM images. However, this support also depends on the VM player version. For more information, see: http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1014006 The default Hardware Version is 4 to support the widest base of VM players. However you can modify the VM Hardware Version by editing the following line in the FortiAuthenticator-VM.vmx file: virtualHW.version = "4" |
The following procedure describes setup on VMware Fusion.
VMware will install and start FortiAuthenticator-VM. This process can take a minute or two to complete.
admin
and press Enter. set port1-ip 192.168.1.99/24
set default-gw 192.168.1.2
Substitute your own desired FortiAuthenticator IP address and default gateway.
You can now connect to the GUI at the IP address you set for port 1.
Suspending the FortiAuthenticator-VM can have unintended consequences. Fortinet recommends that you do not use the suspend feature of VMware. Instead, shut down the virtual FortiAuthenticator system using the GUI or CLI, and then shut down the virtual machine using the VMware console. |
Administrative access is enabled by default on port 1. Using the GUI, you can enable administrative access on other ports if necessary.
To use the GUI, point your browser to the IP address of port 1 (192.168.1.99 by default). For example, enter the following in the URL box:
Enter admin
as the User Name and leave the Password field blank.
HTTP access is not enabled by default. To enable access, use the set ha-mgmt-access command in the CLI (see CLI commands), or enable HTTP access on the interface in the GUI (see Interfaces). |
For security reasons, the host or domain names that the GUI responds to are restricted. The list of trusted hosts is automatically generated from the following:
Additional IP addresses and host or domain names that the GUI responsed to to can be defined in the GUI Access settings. See GUI access
CLI access is available using telnet to the port1 interface IP address (192.168.1.99 by default). Use the telnet -K option so that telnet does not attempt to log on using your user ID. For example:
$ telnet -K 192.168.1.99
At the FortiAuthenticator login prompt, enter admin
. When prompted for password press Enter
. By default there is no password. When you are finished, use the exit
command to end the telnet session.
CLI access using Telnet is not enabled by default. To enable access, use the set ha-mgmt-access command in the CLI (see CLI commands), or enable Telnet access on the interface in the GUI (see Interfaces) |
SSH provides secure access to the CLI. Connect to the port1 interface IP address (192.168.1.99 by default). Specify the user name admin
or SSH will attempt to log on with your user name. For example:
$ ssh admin@192.168.1.99
At the password prompt press Enter
. By default there is no password. When you are finished, use the exit
command to end the session.