I'm a FortiNet "newbie". One of my customers purchased a FortiGate 60E so I have to learn how to set it up.
Page 4 of the QuickStart Guide tells me I can use FortiExplorer in Windows to do setup of the FortiGate. It goes on to tell me to download FortiExplorer via http://forti.net/fexp. But the only FortiExplorer I can find on the website is a mobile app for IOS and Android.
The QuickStart Guide is dated September 2014. Has the FortiGate world changed since then? Is the program for setting up my FortiGate 60E called something else now.
Yes, I can connect via a browser (I've tried Firefox, IE, and Edge) but I get a "Certificate error" when I connect to it, and when I try to register the device (the first thing that pops up when I login) I always end up "192.168.x.x is not responding" and only option is to "Recover webpage" which takes me back to the beginning. I'm hoping the FortiExplorer program will work better.
I did some more reading and apparently the FortiExplorer program has been retired. (Yet, this brand new FortiGate 60E that I just unboxed with the QuickStart Guide from September 2014 tells me to download it...)
OK, so I'll use a browser to configure the device, but every time I connect I get a certificate warning. Chrome (and I don't think Firefox, IE, or Edge either) won't allow me to accept a certificate any more. I tried to export the certificate and import it (into "Personal" and then "Enterprise Trust"), closed and opened Chrome, entered IP address of FortiGate router, and still get the "Not secure" warning.
I have the "newbie" blues: Fortinet seems to have its own way of doing everything.
You should be able to add an exception in Firefox to get rid of the certificate warning. In IE you have to install the certificate in the right Certificate Store (Trusted Root Certification Authorities) to avoid the warning, requires you to have admin privileges on the machine.
The certificate warning is actually about two issues, the first being that it is self-signed (not trusted by anyone per default) and also that the name in the certificate do not match when you enter the IP address. So, even if you install the certificate, you would most likely get a warning unless you have Windows configured to ignore certificate name mismatch.
Products Solutions Support Partners Threat Research Contact Us