How to set up your FortiADC : Connecting to the web UI or CLI : Connecting to the web UI
Connecting to the web UI
You can connect to the web UI using its default settings.
Table 3: Default settings for connecting to the web UI
Network Interface
Administrator Account
a computer with an RJ-45 Ethernet network port
a web browser such as Microsoft Internet Explorer version 8.0 or newer, or Mozilla Firefox 20 or newer
a crossover Ethernet cable
To connect to the web UI
1. On your management computer, configure the Ethernet port with the static IP address with a netmask of
2. Using the Ethernet cable, connect your computer’s Ethernet port to the FortiADC appliance’s port1.
3. Start your browser and enter the URL:
(Remember to include the “s” in https://.)
Your browser connects the appliance.
If you do not see the login page due to an SSL cipher error during the connection, and you are connecting to the trial license of FortiADC-VM or a LENC version of FortiADC, then your browser must be configured to accept encryption of 64-bit strength or less during the handshake. (RC2, RC4, and DES with less than 64-bit strength is supported. AES and 3DES is not supported in these versions.)
For example, in Mozilla Firefox, if you receive this error message:
you may need to enter about:config in the URL bar, then set security.ssl3.rsa.rc4_40_md5 to true.
To support HTTPS authentication, the FortiADC appliance ships with a self-signed security certificate, which it presents to clients whenever they initiate an HTTPS connection to the FortiADC appliance. When you connect, depending on your web browser and prior access of the FortiADC appliance, your browser might display two security warnings related to this certificate:
The certificate is not automatically trusted because it is self-signed, rather than being signed by a valid certificate authority (CA). Self-signed certificates cannot be verified with a proper CA, and therefore might be fraudulent. You must manually indicate whether or not to trust the certificate.
The certificate might belong to another web site. The common name (CN) field in the certificate, which usually contains the host name of the web site, does not exactly match the URL you requested. This could indicate server identity theft, but could also simply indicate that the certificate contains a domain name while you have entered an IP address. You must manually indicate whether this mismatch is normal or not.
Both warnings are normal for the default certificate. SSL v3 and TLS v1.0 are supported.
4. Verify and accept the certificate, either permanently (the web browser will not display the self-signing warning again) or temporarily. You cannot log in until you accept the certificate.
For details on accepting the certificate, see the documentation for your web browser.
5. In the User name field, type admin, then click Login. (In its default state, there is no password for this account.)
Login credentials entered are encrypted before they are sent to the FortiADC appliance. If your login is successful, the web UI appears. To continue by updating the firmware, see “Updating the firmware”. Otherwise, to continue by setting an administrative password, see “Changing the “admin” account password”.
If 5 incorrect login or password attempts occur in a row, your IP address will be temporarily blacklisted from the GUI and CLI (network, not console). This is to protect the appliance from brute force login attacks. Wait 1 minute, then attempt the login again.