Description
The article describes how to configure the password policy for locally defined administrator passwords and IPsec VPN pre-shared keys.
Solution
Configuration from GUI.
To create a system password policy from the GUI:
1) Go to System -> Settings.
2) In the Password Policy section, change the Password scope to Admin, IPsec, or Both.
3) Configure the password policy options.
4)Select 'Apply'.
The article describes how to configure the password policy for locally defined administrator passwords and IPsec VPN pre-shared keys.
Solution
Configuration from GUI.
To create a system password policy from the GUI:
1) Go to System -> Settings.
2) In the Password Policy section, change the Password scope to Admin, IPsec, or Both.
3) Configure the password policy options.
4)Select 'Apply'.
From the CLI.
To create a system password policy the CLI:
1) If Password Scope is Admin:
To create a system password policy the CLI:
# config system password-policy
set status {enable | disable}
set apply-to {admin-password | ipsec-preshared-key}
set minimum-length <8-128>
set min-lower-case-letter <0-128>
set min-upper-case-letter <0-128>
set min-non-alphanumeric <0-128>
set min-number <0-128>
set change-4-characters {enable | disable}
set expire-status {enable | disable}
set expire-day <1-999>
set reuse-password {enable | disable}
end
Verification of Configuration and troubleshooting.
1) If Password Scope is Admin:
FGT1 # show system password-policy2) If Password Scope is IPsec:
# config system password-policy
set status enable
end
FGT1 # show system password-policy3) If Password Scope is Both Admin and IPsec:
# config system password-policy
set status enable
set apply-to ipsec-preshared-key
end
FGT1 # show system password-policy
# config system password-policy
set status enable
set apply-to admin-password ipsec-preshared-key
end
Related Articles
