Description
This article describes how to change the admin default port to the custom port of the firewall.
Scope
FortiGate.
Solution
In many cases, reaching the FortiGate with ping, Telnet or SSH is possible.
Reach the GUI does not work due to a change in the admin default port.
To access the FortiGate with the admin login via GUI, port 80 is used for HTTP and 443 for HTTPS (by default):
SSH - 22
Telnet - 23
If these ports are changed or intended to be changed, refer to the details below:
- Verify the current admin ports configured for admin access
show full | grep admin-sport <----- verify HTTPS port.
set admin-sport 443
show full | grep admin-port <----- verify HTTP port.
set admin-port 80
If the ports have been changed, use the below URL to access the GUI:
http(s)://<IP of the FortiGate>:<custom port>
Example.
http://192.168.20.10:300: where 300 is the custom port configured to access GUI via HTTP.
Same applicable for https access as well.
For changing the admin ports, use the following commands:
config system global
set admin-port <integer> <----- for HTTPaccess.
set admin-sport <integer> <----- for HTTPS access.
set admin-ssh-port 22 <- - -- for SSH access.
set admin-telnet-port 23 <- ---- for Telnet access.
end
On the firewall GUI:
Go to System -> Settings, under 'Administration Settings' change the respective port numbers for access the firewall.
Results.
By default, it is possible to access the firewall with https://192.168.1.99 with default 443 port number with HTTPS access
Example.
By default, it is possible to access the firewall with https://192.168.1.99 with default 443 port number with HTTPS access
Example.
If the administrative access to the firewall with port 10443 instead of 443 is changed, access to the firewall as follows is necessary:
https://192.168.1.99:10443 to be able to access the firewall.
https://192.168.1.99:10443 to be able to access the firewall.
Related Article:
Technical Tip: How to change the port for the admin access to avoid port conflict
