How to enable GUI Access on Fortinet Fortigate Firewall?

Rashmi Bhardwaj | Blog,Security

Enabling GUI Access on Fortigate Firewall

Fortigate Next-Generation Firewalls (NGFW) run on FortiOS. There are various version i.e. 6.4, 6.2, 6.0, 5.6, 5.2, 5.0. These firewalls can be managed via the CLI as well as via the GUI.

In this post, we will particularly focus on enabling the GUI access for an out-of-box Fortigate firewall.


You can login to Fortigate firewall with default credentials as below:

Username: admin

Password: <No password>…Just hit Enter

Step 1: Configure the port1 or the port connecting to switch with a free IP address on your private network as below:

  • Fortinet_Lab # config system interface
  • Fortinet_Lab (interface) # edit port1
  • Fortinet_Lab (port1) # set ip


  • Fortinet_Lab (port1) # set allowaccess ping http https fgfm
    • ssh SSH access.
    • snmp SNMP access.
    • telnet TELNET access.
    • radius-acct RADIUS accounting access.
    • probe-response Probe access.
    • capwap CAPWAP access.
    • ftm FTM access.


  • Fortinet_Lab (port1) # set allowaccess ping http https fgfm ftm ssh >> Remember to allow the https and http connection to firewall on this port. You can also allow other options to connect to firewall but those will need to be specifically allowed under each port where you want to connect from your network. For example we have allowed ping, ssh etc on firewall to this port (port1).


  • Fortinet_Lab (port1) # end


Step 2: Verify if the configurations under the port as below:

Fortinet_Lab # show system interface port1

config system interface

    edit “port1”

set vdom “root”

        set ip

        set allowaccess ping https ssh http fgfm ftm

set type physical

set snmp-index 1




Step 3: Configure the static default route or specific route towards the default gateway. In our lab topology we will configure the default route towards the gateway as below:

Fortinet_Lab # config router static

Fortinet_Lab (static) # edit 1

new entry ‘1’ added

Fortinet_Lab (1) # set gateway

Fortinet_Lab (1) # set dst

Fortinet_Lab (1) # set device port1

Fortinet_Lab (1) # end


Verify the route:

Fortinet_Lab # show router static

config router static

edit 1

set gateway

set device “port1”



Fortinet_Lab #


Step 4: Execute the Ping to default Gateway IP to ensure our route towards GW is working:

Remember to allowaccess ping if desired on the port whose IP you are using to ping GW IP like we did allow ping on Port1.

Fortinet_Lab # execute ping

PING ( 56 data bytes

64 bytes from icmp_seq=0 ttl=64 time=0.7 ms

64 bytes from icmp_seq=1 ttl=64 time=0.5 ms

64 bytes from icmp_seq=2 ttl=64 time=0.5 ms

64 bytes from icmp_seq=3 ttl=64 time=0.4 ms

64 bytes from icmp_seq=4 ttl=64 time=0.5 ms


— ping statistics —

5 packets transmitted, 5 packets received, 0% packet loss

round-trip min/avg/max = 0.4/0.5/0.7 ms


Step 5: Try accessing the GUI page for Fortinet Fortigate at i.e. IP given to port1 in our example. You will get a screen as below. Login with default username and empty password here.


Related- Fortinet Firewall Interview Questions


Leave a Comment

Your email address will not be published. Required fields are marked *

Shopping Cart