Connecting to the web UI
You can connect to the web UI using its default settings.
Table 8: Default settings for connecting to the web UI
Network Interface | port1 |
URL | |
Administrator Account | admin |
Password | |
Requirements
• a computer with an RJ-45 Ethernet network port
• a web browser such as Microsoft Internet Explorer version 6.0 or greater, or Mozilla Firefox 3.5 or greater
• a crossover Ethernet cable
To connect to the web UI
1. On your management computer, configure the Ethernet port with the static IP address 192.168.1.2 with a netmask of 255.255.255.0.
2. Using the Ethernet cable, connect your computer’s Ethernet port to the FortiWeb appliance’s port1.
3. Start your browser and enter the URL:
(Remember to include the “s” in https://.)
Your browser connects the appliance.
If you do not see the login page due to an SSL cipher error during the connection, and you are connecting to the trial license of FortiWeb-VM or a LENC version of FortiWeb, then your browser must be configured to accept encryption of 64-bit strength or less during the handshake. (RC2, RC4, and DES with less than 64-bit strength is supported. AES and 3DES is not supported in these versions.)
For example, in Mozilla Firefox, if you receive this error message:
ssl_error_no_cypher_overlap
you may need to enter about:config in the URL bar, then set security.ssl3.rsa.rc4_40_md5 to true.
To support HTTPS authentication, the FortiWeb appliance ships with a self-signed security certificate, which it presents to clients whenever they initiate an HTTPS connection to the FortiWeb appliance. When you connect, depending on your web browser and prior access of the FortiWeb appliance, your browser might display two security warnings related to this certificate:
• The certificate is not automatically trusted because it is self-signed, rather than being signed by a valid certificate authority (CA). Self-signed certificates cannot be verified with a proper CA, and therefore might be fraudulent. You must manually indicate whether or not to trust the certificate.
• The certificate might belong to another web site. The common name (CN) field in the certificate, which usually contains the host name of the web site, does not exactly match the URL you requested. This could indicate server identity theft, but could also simply indicate that the certificate contains a domain name while you have entered an IP address. You must manually indicate whether this mismatch is normal or not.
Both warnings are normal for the default certificate. SSL v3 and TLS v1.0 are supported.
4. Verify and accept the certificate, either permanently (the web browser will not display the self-signing warning again) or temporarily. You cannot log in until you accept the certificate.
For details on accepting the certificate, see the documentation for your web browser.
5. In the Name field, type admin, then click Login. (In its default state, there is no password for this account.)
Login credentials entered are encrypted before they are sent to the FortiWeb appliance. If your login is successful, the web UI appears. To continue by updating the firmware, see
“Updating the firmware”. Otherwise, to continue by setting an administrative password, see
“Changing the “admin” account password”.