To connect to Fireware Web UI, use a web browser to specify the IP address of the Firebox's trusted or optional interface and the port number. Connections to the Web UI are encrypted with HTTPS. When you type the URL in your browser, make sure to type https at the start of the URL, not http.
By default, the port used for the Web UI is 8080. The URL to connect to the Web UI in your browser is:
<Firebox-IP-address> is the IP address assigned to the trusted or optional interface on your device. When you make this connection, the browser loads the login page. The default URL for a WatchGuard Firebox is:
You can change the IP address of the trusted network to a different IP address. For more information, see Common Interface Settings.
In Fireware v12.5.4 or higher, the Firebox requires the web browser to support TLS 1.2 or higher.
For example, to use the default URL to connect to your device:
- In a web browser, go to https://10.0.1.1:8080.
A security certificate notification appears in the browser.
- When you see the certificate warning, click the option to continue. For example, in Internet Explorer, click Continue to this website. In Firebox, click Add Exception.
This warning appears because the certificate the Firebox uses is signed by the WatchGuard Certificate Authority, which is not in the list of trusted authorities on your browser. To avoid this warning, you must permanently accept the certificate, or generate and import a certificate for the device to use. For more information, see About Certificates.
- In the User Name text box, type the username.
- In the Passphrase text box, type the passphrase.
- If you specify the Firebox-DB username admin, type the Configuration (read-write) passphrase.
- If you specify the Firebox-DB username status, type the Status (read-only) passphrase.
- From the Authentication Server drop-down list, select the authentication server for the user you specified.
- For Active Directory authentication, in the Domain text box, type the domain name of your Active Directory server.
- (Fireware v12.5 or higher) For RADIUS authentication, in the Domain text box, type the domain name specified in the RADIUS configuration on the Firebox.
If your configuration includes a RADIUS server, and you upgrade to Fireware v12.5 or higher, the Firebox automatically uses RADIUS as the domain name for that server. To authenticate to that server, users must select RADIUS as the server and type RADIUS as the domain name.
- Click Log in.
By default, the Firebox configuration only allows connections to Fireware Web UI from the trusted and optional networks. To change the configuration to allow connections to the Web UI from the external network, see Connect to Fireware Web UI from an External Network.