How to enable GUI Access on Fortinet Firewall

Fortinet Next-Generation Firewalls (NGFW) run on FortiOS. There are various version i.e. 6.4, 6.2, 6.0, 5.6, 5.2, 5.0. These firewalls can be managed via the CLI as well as via the GUI.

In this post, we will particularly focus on enabling the GUI access for an out-of-box Fortigate firewall.

Advertisements

You can login to Fortinet firewall with default credentials as below:

Username: admin

Password: <No password>…Just hit Enter

Step 1: Configure the port1 or the port connecting to switch with a free IP address on your private network as below:

  • Fortinet_Lab # config system interface
  • Fortinet_Lab (interface) # edit port1
  • Fortinet_Lab (port1) # set ip 10.80.144.150/24

 

  • Fortinet_Lab (port1) # set allowaccess ping http https fgfm
    • ssh SSH access.
    • snmp SNMP access.
    • telnet TELNET access.
    • radius-acct RADIUS accounting access.
    • probe-response Probe access.
    • capwap CAPWAP access.
    • ftm FTM access.

 

  • Fortinet_Lab (port1) # set allowaccess ping http https fgfm ftm ssh >> Remember to allow the https and http connection to firewall on this port. You can also allow other options to connect to firewall but those will need to be specifically allowed under each port where you want to connect from your network. For example we have allowed ping, ssh etc on firewall to this port (port1).

 

  • Fortinet_Lab (port1) # end

 

Step 2: Verify if the configurations under the port as below:

Fortinet_Lab # show system interface port1

config system interface

    edit “port1”

set vdom “root”

        set ip 10.80.144.150 255.255.255.0

        set allowaccess ping https ssh http fgfm ftm

set type physical

set snmp-index 1

next

end

 

Step 3: Configure the static default route or specific route towards the default gateway. In our lab topology we will configure the default route towards the gateway as below:

Fortinet_Lab # config router static

Fortinet_Lab (static) # edit 1

new entry ‘1’ added

Fortinet_Lab (1) # set gateway 10.80.144.1

Fortinet_Lab (1) # set dst 0.0.0.0/0

Fortinet_Lab (1) # set device port1

Fortinet_Lab (1) # end

 

Verify the route:

Fortinet_Lab # show router static

config router static

edit 1

set gateway 10.80.144.1

set device “port1”

next

end

Fortinet_Lab #

 

Step 4: Execute the Ping to default Gateway IP to ensure our route towards GW is working:

Remember to allowaccess ping if desired on the port whose IP you are using to ping GW IP like we did allow ping on Port1.

Fortinet_Lab # execute ping 10.80.144.1

PING 10.80.144.1 (10.80.144.1): 56 data bytes

64 bytes from 10.80.144.1: icmp_seq=0 ttl=64 time=0.7 ms

64 bytes from 10.80.144.1: icmp_seq=1 ttl=64 time=0.5 ms

64 bytes from 10.80.144.1: icmp_seq=2 ttl=64 time=0.5 ms

64 bytes from 10.80.144.1: icmp_seq=3 ttl=64 time=0.4 ms

64 bytes from 10.80.144.1: icmp_seq=4 ttl=64 time=0.5 ms

 

— 10.80.144.1 ping statistics —

5 packets transmitted, 5 packets received, 0% packet loss

round-trip min/avg/max = 0.4/0.5/0.7 ms

 

Step 5: Try accessing the GUI page for Fortinet at https://10.80.144.150 i.e. IP given to port1 in our example. You will get a screen as below. Login with default username and empty password here.

 

Related- Fortinet Firewall Interview Questions

Share this:
Advertisements

Related Posts

About The Author

Add Comment

Social Media Auto Publish Powered By : XYZScripts.com
Select your currency
USD United States (US) dollar