FortiGate Firewall: Quick Start

Last update: June 04 2026

You can work with the FortiGate firewall via the graphical interface or CLI.

1. Connect to the firewall.
2. Change the administrator password.
3. Optional: create a new administrator account.
4. Optional: change the firewall name.
5. Optional: follow the security recommendations.

1. Connect to the firewall

Graphical interface

1. Open the following page in your browser:

   https://<ip_address>

   Specify <ip_address> — the firewall IP address that you received in the ticket after ordering the service.

2. Log in with the username and password that you received in the ticket after ordering the service.

CLI

1. Open the CLI.

2. Connect to the firewall via SSH:

   ssh <username>@<ip_address>

   Specify:

   • <username> — the login you received in the ticket after ordering the service;
   • <ip_address> — the firewall IP address that you received in the ticket after ordering the service.

3. Enter the password that you received in the ticket after ordering the service.

2. Change the administrator password

Graphical interface

1. In the FortiGate control panel, go to System → Administrators.
2. Select the administrator login admin from the list.
3. Switch to edit mode.
4. Click Change password.
5. Enter the old password.
6. Enter the new password.
7. Repeat the new password.
8. Click OK.

CLI

Change the administrator password:

config system admin
    edit admin
      set password <new_password>
end

Specify <new_password> — a new administrator password.

3. Optional: create a new administrator account

By default, an admin account is created in FortiGate with full access to firewall settings. You can create multiple accounts with different access levels to settings.

Graphical interface

1. Go to System → Administrators.
2. Click Create new → System administrator.
3. Specify the username and password that the administrator will use to connect to the firewall.
4. Select an administrator profile. A profile is an administrator role with access to firewall settings. By default, the super_admin profile with full access to settings is available. You can create a new profile in the System → Admin Profiles section.
5. Click OK.

CLI

Create an administrator account:

config system admin
    edit <username>
      set accprofile <profile_name>
      set vdom <virtual_domain>
      set password <password>
    next
end

Specify:

• <username> — administrator login;
• <profile_name> — administrator profile. A profile is an administrator role with access to firewall settings. By default, the super_admin profile with full access to settings is available. Learn more about creating a new profile in the Administrator profiles section of the official FortiGate documentation;
• <virtual_domain> — virtual domain to which the administrator will have access. The root virtual domain is available by default. Learn more about virtual domains in the Virtual Domains section of the official FortiGate documentation;
• <password> — administrator password.

4. Optional: change the firewall name

Graphical interface

1. Go to System → Settings.
2. In the Host name field, specify a new firewall name.
3. Click Apply.

CLI

Change the firewall name:

config system global
    set hostname <hostname>
end

Specify <hostname> — a new firewall name.

5. Optional: follow the security recommendations

You can follow the Security Recommendations when working with FortiGate:

• use secure access protocols;
• enable redirect to HTTPS;
• change default access ports;
• configure short login timeouts;
• configure login for trusted addresses;
• create multiple administrator accounts;
• configure account lockout;
• rename the administrator account;
• disable unused interfaces;
• disable unused protocols.