Set FortiGate VM port1 IP address

Hypervisor management environments include a guest console window. On the FortiGate VM, this provides access to the FortiGate console, equivalent to the console port on a hardware FortiGate unit. Before you can access the Web-based manager, you must configure FortiGate VM port1 with an IP address and administrative access.

To configure the port1 IP address:
  1. In your hypervisor manager, start the FortiGate VM and access the console window.
    You might need to press Return to see a login prompt.

    Example of FortiGate VM console access:
  2. At the FortiGate VM login prompt enter the username admin. By default there is no password. Just press Return.
  3. Using CLI commands, configure the port1 IP address and netmask. Also, HTTP access must be enabled because until it is licensed the FortiGate VM supports only low-strength encryption. HTTPS access will not work.

    For example:

config system interface

edit port1

set ip

append allowaccess http


note icon You can also use the append allowaccess CLI command to enable other access protocols, such as auto-ipsec, http, probe-response, radius-acct, snmp, and telnet. The ping, https, ssh, and fgfm protocols are enabled on the port1 interface by default.


  1. To configure the default gateway, enter the following CLI commands:

config router static

edit 1

set device port1

set gateway <class_ip>


caution icon You must configure the default gateway with an IPv4 address. FortiGate VM needs to access the Internet to contact the FortiGuard Distribution Network (FDN) to validate its license.


  1. To configure your DNS servers, enter the following CLI commands:

config system dns

set primary <Primary DNS server>

set secondary <Secondary DNS server>


note icon The default DNS servers are and
  1. To upload the FortiGate VM license from an FTP or TFTP server, use the following CLI command:

execute restore vmlicense {ftp | tftp} <VM license file name> <Server IP or FQDN>[:server port]

note icon You can also upload the license in the FortiGate VM Web-based Manager. See Set FortiGate VM port1 IP address.
Web-based Manager and Evaluation License dialog box