Hi
I've been on the road on vacation for a few days now, but I figured I would post about password recovery on a FortiGate firewall.
To recover a FortiGate that you're locked out of, you will need to be on the console. That means a local console port and cable.
The recovery process is simple:
1st
Locate your serial #. This number typically starts with FGT or FG, or FWF for wireless models, and will be on a tag at the back or bottom of the chassis.
e.g. serial numbers located on an FGT200A and FWF60D
2nd
Set your console program to 9600 baud, 8 data bits, no parity, 1 stop bit (9600 8 N 1) and cable into the unit.
3rd
Power cycle the unit and, at the login prompt,
enter maintainer for the username
and, as the password, the unit serial # in the format bcpb<SERIALNUMBER>
That's how simple password recovery is on a FortiGate firewall. Once logged in, you can use config system admin to set a new password/account, or factory reset the unit.
Ken Felix
Freelance Network/Security Engineer
kfelix at hyperfeed dot com
You can disable this access by issuing the following commands:
fgt # config system global
fgt (global) # set admin-maintainer disable
fgt (global) # end
cheers
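
Added example (not part of the post or the comment above): a small Python check that reads a FortiGate configuration backup and reports whether the maintainer console login is disabled under `config system global`. The sample backups are constructed, the function names are hypothetical, and treating an unset value as "enabled" is an assumption based on the comment describing `disable` as something you have to set.

```python
import re

# Constructed sample backups, not taken from a real device.
SAMPLE_HARDENED = """\
config system global
    set admin-maintainer disable
    set hostname "fgt-lab-1"
end
config system admin
    edit "admin"
        set accprofile "super_admin"
    next
end
"""

SAMPLE_DEFAULT = """\
config system global
    set hostname "fgt-lab-2"
end
"""


def maintainer_setting(config_text):
    """Return the admin-maintainer value set inside 'config system global',
    or None if that block does not set it."""
    stack = []   # currently open config/edit blocks, innermost last
    value = None
    for raw in config_text.splitlines():
        line = raw.strip()
        if line.startswith("config "):
            stack.append(line[len("config "):])
        elif line.startswith("edit "):
            stack.append(line)
        elif line in ("end", "next"):
            if stack:
                stack.pop()
        elif stack[-1:] == ["system global"]:
            # Only honour the setting in the right block, not a look-alike elsewhere.
            m = re.fullmatch(r"set admin-maintainer (enable|disable)", line)
            if m:
                value = m.group(1)
    return value


def maintainer_login_possible(config_text):
    # Assumption: a backup that does not set the value is at the default (enabled).
    return maintainer_setting(config_text) != "disable"


if __name__ == "__main__":
    for name, cfg in (("hardened", SAMPLE_HARDENED), ("default", SAMPLE_DEFAULT)):
        print(name, "maintainer login possible:", maintainer_login_possible(cfg))
```

Run it over each device's backup; any unit that reports the login as possible can be recovered, or taken over, by whoever has physical console access and can read the serial number tag.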