Sunday 17 February 2019

Fortigate - Upgrading/Downgrading OS

To upgrade or downgrade the OS on a Fortigate, follow these steps:


  • Prepare the Fortigate OS image you want to upgrade or downgrade to (take care to choose the right version for your hardware). You can download Fortigate OS from http://support.fortinet.com.
  • In Dashboard -> System Information, choose Update in Firmware Version.
  • In Firmware Management, choose Upload Firmware.
  • A notice about downgrading and upgrading will appear. You should back up the configuration before proceeding.
  • Choose Confirm and continue the process.
  • The system will reboot; this takes a few minutes.
  • Log in to the firewall and check the current version.

In this post, I have upgraded my Fortigate 200D from version 5.2.9 up to 6.0.4. Some configuration may not work correctly afterwards, so you need to double-check the configuration.

Saturday 16 February 2019

Fortigate - Login page customizing


Hi everyone, in this post I will share how to customize the Fortigate login page.

Follow these steps:
  • Upload your logo to the Fortigate firewall.
    • In System tab -> Replacement messages -> choose Manage Images.
    • Choose Create New.
    • Fill in the name of the logo and choose the logo file from your computer.
  • After the upload, you can see your logo in the Manage Images tab.
  • Change the logo on the login page to your logo.
    • In System tab -> Replacement messages -> choose login page.
    • Find the following lines of code, change them and save.
      • Before
        logo{
          background:#eee center 25px url(%%IMAGE:logo_fw_auth%%) no-repeat;
          padding-top:80px;
        }
      • After
        logo{
          background:#eee center 25px url(%%IMAGE:[name of your logo]%%) no-repeat;
          padding-top:80px;
        }



You can change the other messages in the same way.


Wednesday 13 February 2019

Captive Portal with Fortigate and Active Directory account

Today, I will show how to set up a Captive Portal with Fortigate and Active Directory accounts.

I. Add LDAP server to Fortigate
1. In tab User & Device -> LDAP server -> Create New



2. Fill in the information of the LDAP server

  • Name: the name of the LDAP server.
  • Server IP/Name: IP of the LDAP server.
  • Server Port: 389.
  • Common Name Identifier: sAMAccountName.
  • Distinguished Name: if your local domain is abc.local, fill in dc=abc,dc=local.
  • Bind Type: choose Regular.
  • User DN: your AD account, e.g. fortinet@abc.local.
  • Password: your password.
You can click the Test button to check the connection with the LDAP server.
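With the settings above (Regular bind on port 389), the Fortigate sends the bind account's password to the AD server without TLS. The following Python script is an added example, not part of the original post, and goes one step further than it: it reads the `config user ldap` section of a Fortigate configuration backup and flags entries that bind in cleartext. The entry names, IP addresses and certificate name are constructed, and treating a missing `secure` or `port` line as the default is an assumption.

```python
import shlex
# Constructed sample of a FortiOS backup: this post's LDAP server plus an LDAPS one.
SAMPLE_BACKUP = """\
config user ldap
    edit "AD-plain"
        set server "192.0.2.10"
        set cnid "sAMAccountName"
        set dn "dc=abc,dc=local"
        set type regular
        set username "fortinet@abc.local"
        set password ENC constructed-placeholder
    next
    edit "AD-ldaps"
        set server "192.0.2.11"
        set type regular
        set username "fortinet@abc.local"
        set secure ldaps
        set ca-cert "CA_Cert_1"
        set port 636
    next
end
"""

def parse_ldap_servers(backup_text):
    """Return {entry name: {setting: value}} from the 'config user ldap' section."""
    servers, current, in_section = {}, None, False
    for line in backup_text.splitlines():
        if line.strip() == "config user ldap":
            in_section = True
        if not in_section:
            continue
        tokens = shlex.split(line)  # tokenise section lines only, honouring quotes
        if tokens[:1] == ["end"]:
            in_section = False
        elif tokens[:1] == ["edit"] and len(tokens) == 2:
            current = servers.setdefault(tokens[1], {})
        elif tokens[:1] == ["set"] and len(tokens) > 2 and current is not None:
            current[tokens[1]] = " ".join(tokens[2:])
    return servers

def audit_ldap(backup_text):
    """Flag binds without TLS; a missing 'secure'/'port' line is assumed to be the default."""
    findings = []
    for name, cfg in parse_ldap_servers(backup_text).items():
        if cfg.get("secure", "disable") == "disable":
            findings.append((name, "cleartext bind on port " + cfg.get("port", "389")))
        elif "ca-cert" not in cfg:
            findings.append((name, "TLS enabled but no ca-cert set"))
    return findings
```

Run `audit_ldap()` on the text of the backup taken before a firmware upgrade; an empty list means every LDAP entry binds over TLS with a CA certificate set.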

II. Add user or group to Fortigate from LDAP server
1. Create user from LDAP server

  • In tab User&Device -> User Definition, choose Create New.



  • In the next step, choose Remote LDAP User in the User Type tab and click Next.


  • In tab LDAP server, choose the LDAP server which you created before and click Next.

  • In tab Remote Users, choose the user and click Create.
2. Create group from LDAP server
  • In tab User&Device -> User Group, choose Create New.
  • Fill in the name of the group and click Create New.
  • Choose the remote server and the group from the AD server.
III. Enable captive portal in LAN interface
  • In Network tab -> Interface, choose the LAN interface of your network.
  • Choose Captive portal in Security mode of Admission Control.
  • In the User Access field:
    • Choose Allow all if you want anyone to be able to authenticate.
    • Choose Restricted to Groups if you want some groups to be able to authenticate.
  • Add the user groups which you allow to authenticate in the User groups field.
  • Add the source addresses that bypass authentication in the Exempt sources field.
  • Add the destination addresses/services that bypass authentication in the Exempt destination/service field.


Sorry for my English. I hope this post is useful for you. In the next post, I will share about login page customizing.