Skip to main content
jstan
Staff
jstan
Staff
July 29, 2021

Technical Tip: Restrict access using trusted host

  • July 29, 2021
  • 0 replies
  • 4287 views

Description


This article describes how to configure trusted hosts to restrict administrator login access via the FortiMail GUI.

 

Scope

 

FortiMail.


Solution

 

  1. The trusted hosts can restrict admin access.
  2. For webmail access, it is not possible to restrict access based on the trusted hosts.
  3. It is recommended that trusted hosts be configured for all administrator accounts on FortiMail to ensure the device does not respond to connection attempts from untrusted sources:

 

GUI:

  • Go to System -> Administrator -> Administrator and select an administrator (for example: 'test').
  • Under the trusted hosts field, define the IPv6/IPv4 address or subnet and the subnet mask from which the admin will log in.

    test.png
 

  1. Logs for untrusted hosts tried to access the Admin account:

Trusted Host: Admin logged in successfully.

 

trusted-host-allowed.png

 

Untrusted Host: Admin login failed.

 

Trusted-host-denied.png

 

CLI:

 

config system admin     edit admin         set trusted-hosts 172.26.52.14/32 end
Terms & ConditionsAccessibility statement