This message could indicate that you provided incorrect credentials, or that management client couldn't connect to management server. You could try stopping management server and creating new superuser account to SMC with <smc_home>\bin\sgCreateAdmin.bat script. After creating the account, restart the management server and try logging in with new account. If this does not help, and you have valid grant number for your SMC installation, I would recommend that you open Service Request to McAfee tech support.
For the rule question, are you talking about adding rule on the NGFW engine that does destination address translation from public (NAT) IP address to your internal/dmz server's private IP? If you're talking about destination NAT, please check this online help page: