Tuesday, February 26, 2013

Fortigate firewall Password Recovery simple as 1 2 3


I've been on the road on vacation for a few days now, but figured I would post about the password recovery of a FortiGate firewall.

In order to recover a FortiGate that you're locked out of, you will need to be on the console. That means a local console port and cable.

The recovery process is simple:


Locate your serial #. This number typically starts with FGT, FG, or FWF for wireless models, and will be on a tag at the back or bottom of the chassis.

E.g., serial numbers located on an FGT200A and an FWF60D.


Set your console program to 9600 baud, 8 data bits, no parity, 1 stop bit (9600 8 N 1) and cable into the unit.


Power cycle the unit and, at the login prompt, enter maintainer for the username and, for the password, the unit serial # in the format of bcpb<SERIALNUMBER>.

That's how simple password recovery of a FortiGate firewall is. Once logged in, you can use config system admin to set a new password/account, or factory reset the unit.

Ken Felix

Freelance Network/Security Engineer

kfelix  at hyperfeed  dot com

1 comment:

  1. You can disable this access by issuing the following commands:

    fgt # config system global
    fgt (global) # set admin-maintainer disable
    fgt (global) # end
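
A defender's follow-up to the comment above, as an added example that is not part of the original post or comment: a Python check that reads a saved FortiOS configuration backup and reports whether `admin-maintainer` has been disabled in `config system global`. The sample configs are constructed, the function names are hypothetical, and it assumes that a backup with no `admin-maintainer` line still allows the console recovery login.

```python
import re

# Constructed sample of a FortiOS configuration backup (not from a real device).
SAMPLE_HARDENED = """\
config system global
    set hostname "fw-lab"
    set admin-maintainer disable
end
config system admin
    edit "admin"
        set accprofile "super_admin"
    next
end
"""
SAMPLE_DEFAULT = SAMPLE_HARDENED.replace("    set admin-maintainer disable\n", "")


def global_settings(config_text):
    """Return the 'set' options found directly inside 'config system global'."""
    settings, depth, in_global = {}, 0, False
    for raw in config_text.splitlines():
        line = raw.strip()
        if line.startswith("config "):
            depth += 1
            if depth == 1:  # only top-level blocks can be 'system global'
                in_global = (line == "config system global")
        elif line == "end":
            depth = max(depth - 1, 0)
            if depth == 0:
                in_global = False
        elif in_global and depth == 1:
            m = re.match(r"set\s+(\S+)\s+(.*)$", line)
            if m:
                settings[m.group(1)] = m.group(2).strip('"')
    return settings


def maintainer_login_possible(config_text):
    """True unless the backup explicitly disables the maintainer account."""
    # Assumption: an absent 'admin-maintainer' line means the setting is
    # still at its enabled state, as on the stock unit the post describes.
    return global_settings(config_text).get("admin-maintainer", "enable") != "disable"


if __name__ == "__main__":
    for name, cfg in (("hardened", SAMPLE_HARDENED), ("default", SAMPLE_DEFAULT)):
        state = "ENABLED" if maintainer_login_possible(cfg) else "disabled"
        print(f"{name}: maintainer console recovery {state}")
```

Run it against each device's backup as part of a configuration audit; a unit that reports the recovery login as enabled can be reset by anyone with physical console access and the serial number tag.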