Technical Tip: How to create admin user to do only... - Fortinet Community

FortiGate

FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.

Article Id 352663

Description

This article describes creating admin users who can access the firewall to only perform the packet capture and will not have any other access.

Scope

FortiGate.

Solution

To create am admin user to perform only the packet capture, log in to the firewall with a super admin credentials.
Navigate to System -> Admin Profiles. In the Admin profiles tab, select Create New.

Add the Name for the Admin profile.
In the Access Permissions tab, check for the Network in Access Control and under Permissions, select Custom.
In the Packet Capture tab click Read/Write to provide the permission for the Packet Capture.
Select OK.

Once the admin profile is created, select System -> Administrators and, in the Administrator tab, select Create New.

Provide the username and password. In the Administrator profile tab, select the profile name.
Select OK.

Once the Administrator is created, Logout from the firewall and login using the credentials with the created account (Admin1).

Select Network -> Diagnostics to see that the user has permissions only to perform the packet capture.

176

Contributors

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Copyright 2025 Fortinet, Inc. All Rights Reserved.