Skip to main content
SimranRana
Staff
SimranRana
Staff
January 2, 2025

Technical Tip: FortiGate Integration with FortiWeb

  • January 2, 2025
  • 0 replies
  • 2429 views
Description

This article describes how to connect FortiGate to FortiWeb Device.
Scope FortiWeb and FortiGate
Solution

On the FortiGate: Setup Security Fabric.

  • Navigate to Security Fabric -> Fabric Connectors.

 

SimranRana_0-1735634323431.jpeg

 

  • Go to Security Fabric Setup.

 

SimranRana_1-1735634323435.jpeg

 

  • Select 'Security Fabric role' as 'Serve as Fabric Root'.

Note:

FortiAnalyzer or Cloud Logging is essential for the Security Fabric.

 

  • Enable 'Allow other Security Fabric devices to join' and select the interface having connectivity to the FortiWeb (in this case, port3).
  • Enter the Fabric Name (here, FortiWeb_Integration).
  • (Optional) Pre-authorization of FortiWeb can be configured to enable the device to join the Security Fabric as soon as it connects.
  • (Optional) SAML SSO can be enabled.

 

SimranRana_3-1735634323438.jpeg

 

On the FortiWeb: Setup FortiGate:

  • Navigate to Security Fabric -> Fabric Connectors.
  • Select FortiGate.

 

SimranRana_4-1735634323441.jpeg

 

  • Enable 'Status'.
  • Set the 'Upstream IP' of the interface that was selected on 'Allow other Security Fabric devices to join' in FortiGate (in this case, 172.30.17.193 for port3).
  • 'Upstream Port' can be kept as default i.e., 8013.
  • Enter the 'Management IP' as the FortiWeb GUI management IP.

 

SimranRana_5-1735634323442.jpeg

 

  • Enter the 'Management Port' as the FortiWeb GUI management HTTPS port, which can be verified under System -> Admin -> Settings.

 

SimranRana_6-1735634323444.jpeg

 

  • Select OK.

 

On the FortiWeb: Connection Status:

  • Navigate again to Security Fabric -> Fabric Connectors -> FortiGate.

 

SimranRana_7-1735634323446.jpeg

 

  • The Connection Status will display as 'Authorize pending.'

Note:

If pre-authorization for FortiWeb on FortiGate (Step 1-f) is configured, FortiWeb will be authenticated right away.

 

On the FortiGate: Authorization of FortiWeb.

  • Navigate to Security Fabric -> Fabric Connectors.
  • The FortiWeb connector will now appear with a status of 'Waiting for Authorization.'

 

SimranRana_8-1735634323448.jpeg

 

  • Select FortiWeb and an option to 'Authorize' will be presented.

 

SimranRana_9-1735634323448.jpeg

 

  • Upon selecting 'Authorize,' a window will appear to 'Verify Pending Device Certificate.'

 

SimranRana_10-1735634323451.jpeg

 

  • Verify the certificate and select 'Accept'.
  • The FortiWeb Connector Status will show as 'Online' after some time.

 

Note:

If the device does not come online in 6-8 minutes, verify the connection between devices.

 

SimranRana_11-1735634323451.jpeg

 

On the FortiWeb: Verification of Authorization

  • Navigate to Security Fabric -> Fabric Connectors -> FortiGate.
  • The 'Connection Status' will now be updated to 'Authorized'.

 

SimranRana_12-1735634323453.jpeg

 

SimranRana_13-1735634323455.jpeg

 

On the FortiGate: Verification of Integration.

  • Navigate to Security Fabric -> Physical Topology or Security Fabric -> Logical Topology to verify and check details.

 

SimranRana_14-1735634323457.jpeg

 

SimranRana_15-1735634323460.jpeg
    Terms & ConditionsAccessibility statement