Configure a login banner or disclaimer on a FortiGate for Terminal and HTTP admin logins

, ,

If like me you work in an environment where you have people who are attempting to circumvent your network security it helps to have a banner or disclaimer to warn them about the trouble they will get into if they’re caught. By default when you attempt to login to a FortiGate there is no warning message or login banner.

To enable the banner or disclaimer on a FortiGate (there is both a pre and post login disclaimer you can use) we firstly need to log into the CLI of the FortiGate and enter the following commands to enable the banner. You can substitute pre with post if you wish;

FG621B # config system global
FG621B (global) # set pre-login-banner enable
FG621B (global) # end

Now log into the web ui of FortiOS and go into System > Config > Replacement Messages once there we need to switch to the extended view and the login banners should be at the top of the list, you can edit the default message if you wish, once done click on Save.

Once you try and get the FortiGate via Terminal or Web Management you should get prompted with the Disclaimer message.


Leave a Reply

More Posts

Allowing anonymous relay on Exchange 2007/2010 on connectors for programs to send via SMTP using your Mail servers and how to secure it for internal use only.

I was recently helping out a colleague at another school as they were having difficulty in a specialised application sending e-mails to external addresses.  After a bit of investigating we found that the send connector configured for internet e-mail wasn’t allowing anonymous connections to it (which is dangerous) but since this particular application didn’t allow […]

How to Reset a Domain Controller’s Domain Admin password for a Virtual Machine running up in Azure

The Reset password utility for Virtual Machines has come in handy on the odd occasion when we never recorded or misplaced the password for a VM running in Azure. The downside is this tool does not support running against Domain Controllers (to reset the in-built Administrator account).  So what happens when you have a domain […]

Short blog hiatus…

So you may see that I haven’t been blogging lately. The reason being that I have a new job (focusing on Systems Engineering/Admin, Network Admin as well as IT Super Hero), so I’ve been mainly focusing on that and getting up to speed.  Now that I’ve settled in I will be back at it writing […]