FortiMail Serial Console Connection and Configuration

Facebooktwittergoogle_plusredditpinterestlinkedinFacebooktwittergoogle_plusredditpinterestlinkedin

You can access the FortiMail CLI commands via SSH, Telnet, or direct serial connection.

Local serial access is required in some cases. For example:

  • If you are installing your FortiMail unit for the first time and it is not yet configured to connect to your network, unless you reconfigure your computer’s network settings for a peer connection, you may only be able to connect to the CLI using a local serial console connection.
  • Restoring the firmware utilizes a boot interrupt. Network access to the CLI is not available until after the boot process has completed, and therefore local CLI access is the only viable option.

The following recipe details how to connect to your FortiMail unit through a local serial console connection and then quickly goes over some initial FortiMail setup using the CLI.

 

 Connecting to the FortiMail serial console

Local console connections to the CLI are formed by directly connecting your management computer to the FortiMail unit, using its DB-9 or RJ-45 console port.

Requirements

  • a computer with an available serial communications (COM) port
  • the RJ-45-to-DB-9 or null modem cable included in your FortiMail package
  • terminal emulation software such as PuTTY

Note:
The following procedure describes connection using PuTTY software; steps vary with other terminal emulators.

To connect to FortiMail CLI using a local serial console connection

    1. Using the null modem or RJ-45-to-DB-9 cable, connect the FortiMail unit’s console port to the serial communications (COM) port on your management computer.
    2. On your management computer, start PuTTY.
    3. In the Category tree on the left, go to Connection > Serial and configure the following:
      Serial line to connect to –
      COM1 (or, if your computer has multiple serial ports, the name of the connected serial port)
      Bits per second – 9600
      Data bits – 8
      Parity – None
      Stop bits – 1
      Flow control  None
    4. In the Category tree on the left, go to Session (not the sub-node, Logging) and from Connection type, select Serial.
    5. Click Open.
    6. Press the Enter key to initiate a connection. The login prompt appears.
    7. Type a valid administrator account name (such as admin) and press Enter.
    8. Type the password for that administrator account then press Enter. (In its default state, there is no password for the admin account.)
    1. The CLI displays the following text, followed by a command line prompt:
  1.    Welcome!
    1. You can now enter CLI commands.
 

 Basic CLI configurations

Once you’ve physically connected your computer to the FortiMail unit, you can configure the basic FortiMail system settings through the CLI. If you require more information on other CLI commands, see the FortiMail CLI Guide.

To change the admin password:

config system admin
  edit <admin_name>
    set password <new_password>
end

To change the operation mode:

config system global
  set operation_mode {gateway | server | transparent}
end

To configure the interface IP address:

config system interface
  edit <interface_name>
      set <ip_address>
end

To configure the system route/gateway:

config system route
  edit <route_int>
    set destination <destination_ip4mask>
    set gateway <gateway_ipv4>
    set interface <interface_name>
end

To configure the DNS servers:

config system dns
  set primary <ipv4_address>
  set secondary <ipv4_ address>
end

To configure the NTP time synchronization:

config system time ntp
  set ntpserver {<address_ipv4 | <fqdn_str>}
  set ntpsync {enable | disable}
  set syncinterval <interval_int>
end

To configure the SNMP v3 user settings:

config system snmp user
  edit <user_name>
    set query-status {enable | disable}
    set query-port <port_number>
    set security-level {authnopriv | authpriv | no authnopriv}
    set auth-proto {sha1 | md5}
    set aut-pwd <password>
    set status {enable | disable}
    set trap-status {enable | disable}
    set trapevent {cpu | deferred-queue | ha | ip-change | logdisk | mem | raid | remote-storage | spam | system | virus}
    set trapport-local <port_number>
    set trapport-remote <port_number>
  config host
    edit <host_no>
    set ip <class_ip>
  end
end

 
  • Was this helpful?
  • Yes   No