Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Mrinmoy
Staff
Staff

Created on ‎12-21-2023 06:44 AM Edited on ‎12-08-2025 07:33 AM By Community Manager

Article Id 290424

Technical Tip: How to access a firewall from a FortiGate Cloud subaccount

Description This article describes how to assign remote access to a FortiGate Cloud sub-account, which is sometimes necessary for business requirements.
Scope FortiGate connected to FortiGate Cloud.
Solution

If the FortiGate does not have a valid subscription to FortiGate Cloud, access through FortiGate Cloud is read-only. See FortiGate Cloud Administration Guide: Feature Comparison.

 

  1. Verify management connectivity using the primary account.

1.JPG

 

  1. Log in to https://support.fortinet.com/ and select Service -> IAM.
     2.JPG

     

  2. Create an IAM permission profile allowing Read-Write access to the FortiGate Cloud portal.

    3.JPG
    4.JPG
    5.JPG
    6.JPG
    7.JPG

Note: If the Permission profile is created as 'Local', it can only be used by an IAM user with Local access and cannot be used for Organization users. Similarly, a profile created under 'Organization' cannot be used for Local IAM users. Make sure to choose the appropriate type. For more details, see Technical Tip: FortiGate Cloud Organizations basic deployment example.

 

permissions.png

 

1.Create a new IAM user and assign the new profile to this user.

8.JPG
9.JPG
10.JPG

 

 


11.JPG

 

  1. Generate a password for the IAM user, copy the reset link, and share it with the new user.


12.JPG
13.JPG
14.JPG

 

  1. Using the reset link, the new user must create their account password. Additionally, the user must note down the account ID number.

15.JPG

 

  1. The new user selects the 'IAM login' option from https://support.fortinet.com/ to log in to their account.

    16.JPG
    17.JPG

     

  2. It will verify the user one more time.

    18.JPG
    19.JPG
    20.JPG

     

  3. After logging in, the user will be able to access the 'FortiGate Cloud' portal from the Services option.

    21.JPG

     

  4. The user is redirected to the FortiGate Cloud portal. Select Assets -> Select Remote Access.

    22.JPG

  5. The user is directed to a FortiGate login page and may log in with a valid FortiGate administrator.
                                                                                                       
    23.JPG                                                                                               

  6. If the user should use their existing IAM credential to authenticate, FortiCloud single sign-on must be enabled in the FortiGate configuration. This is enabled by default for new devices, see FortOS Administration Guide: FortiCloud SSO.

 

2386
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.