mdeparisse_FTNT
Staff
January 9, 2021

Technical Tip: How to recover access to FortiManager or FortiAnalyzer when the admin password is lost on Hardware Products


Description


This article describes how to recover access to FortiManager/FortiAnalyzer hardware when the admin password is lost. Access is restored by downloading and installing firmware from a local TFTP server, via the console on the FortiManager/FortiAnalyzer hardware.

To restore the old configuration on the FortiManager/FortiAnalyzer, it is necessary to have a backup of the configuration and, if the password is unknown, to contact Fortinet Support to remove the password before the restore process.


Note:
Installing firmware from a local TFTP server via console resets the FortiManager/FortiAnalyzer system settings to default.

Disclaimer:
After reloading the firmware image on the hardware unit, make sure to reconfigure the System Settings accordingly, as explained at the end of this article.
Otherwise, there is a risk of data loss and corruption.

Any action taken based on the information in this article is strictly at your own risk.

Scope

 

FortiAnalyzer.


Components.

  • Null modem, or DB9 to DB9 console connector cable. See also the related article, Serial cable pinouts for console access to Fortinet devices.
  • Ethernet RJ45 cable (depending on the hardware model).
  • Terminal client, such as a PC running HyperTerminal, PuTTY or similar.
  • TFTP server (the following is the recommended TFTP software), for example:

Solution

 

Steps to reset and push the new Firmware.

  1. Download the image for the FortiManager/FortiAnalyzer from the Fortinet Support Site.
    On the same website, download the <image name>.md5 file containing the MD5 checksum for the firmware image. Make sure to download the firmware version that is currently running on the machine to avoid any possible issues caused by a downgrade or unwanted upgrade.

  2. Check that the image is successfully downloaded and is not corrupted by comparing the generated MD5 sum against the one from the .md5 file.
  • Windows users may need to install additional software (such as md5summer).
  • Linux users can accomplish this with md5sum <filename>.
  • Mac OS X users can also use md5sum <filename>.
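The check in step 2 can be scripted so that a mismatch stops the procedure before anything is sent to the unit. The following is an added example, not part of the original article or Fortinet tooling; it assumes the .md5 file holds the 32-hex-digit digest either alone or in md5sum style, and the function names and sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare a firmware image against its downloaded .md5 file.
# Assumption: the .md5 file contains the digest as a 32-hex-digit token
# (bare digest or md5sum-style "digest  filename"), in upper or lower case.

# Print the MD5 digest of a file, using whichever tool is installed.
md5_of() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | awk '{print $1}'
    elif command -v md5 >/dev/null 2>&1; then
        md5 -q "$1"                          # macOS/BSD
    else
        openssl md5 -r "$1" | awk '{print $1}'
    fi
}

# Extract the first 32-hex-digit token from the .md5 file, lowercased.
expected_md5() {
    tr 'A-F' 'a-f' < "$1" | grep -Eow '[0-9a-f]{32}' | head -n 1
}

# Return 0 on match, 1 on mismatch, 2 when an input is missing or unusable.
verify_firmware() {
    image=$1; sumfile=$2
    [ -r "$image" ] && [ -r "$sumfile" ] || { echo "missing input" >&2; return 2; }
    want=$(expected_md5 "$sumfile")
    [ -n "$want" ] || { echo "no MD5 digest found in $sumfile" >&2; return 2; }
    got=$(md5_of "$image" | tr 'A-F' 'a-f')
    if [ "$got" = "$want" ]; then
        echo "OK: $image matches $want"
    else
        echo "MISMATCH: $image is $got, expected $want" >&2
        return 1
    fi
}

# Demo on constructed data (the bytes "hello", not a real firmware image).
demo() {
    d=$(mktemp -d)
    printf 'hello' > "$d/image.out"
    printf '5D41402ABC4B2A76B9719D911017C592  image.out\n' > "$d/image.out.md5"
    rc=0; verify_firmware "$d/image.out" "$d/image.out.md5" || rc=$?
    rm -rf "$d"; return "$rc"
}
demo
```

A matching MD5 shows the download is intact and not corrupted; it is an integrity check on the transfer, not proof of who produced the image.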

 

Note: Some console prompts in this procedure include a default value in square brackets, for example, [image.out]. To use this default value, press Enter.

 

  3. Connect the computer to the FortiManager/FortiAnalyzer unit using the null modem cable.


Terminal client communication parameters.
8 bits
no parity
1 stop bit
9600 baud
Flow Control = None

 

  4. Restart the FortiManager/FortiAnalyzer.

  5. When the console displays 'Press any key to display configuration menu...', press the space bar or any other key. Note: The exact menus may vary between hardware models. Make sure to read the menu items first, before pressing any keys.

  6. When a list of choices corresponding to letters of the alphabet comes up:

[Screenshot: press-C.png]

Press C to enter the TFTP parameters menu:

[Screenshot: tftp-menu.png]

 

  7. Select P to specify which interface to be used by the TFTP client (usually PORT1).
  8. Select I to configure the IP address of the selected interface (or D if the unit is connected to a DHCP enabled network, in which case skip steps 9 and 10).
  9. Select S to set the subnet mask.
  10. Select G to configure a default gateway IP (ignore if the unit is on the same network).
  11. Select T to configure the IP of the TFTP server.
  12. Select F to configure the firmware image name.

 

This normally looks like the following:

[Screenshot: settings.png]

 

  13. Upon finishing with the configuration, select R to review the settings:

[Screenshot: review.png]

 

  14. If the TFTP parameters are set correctly, press Q to return to the main menu.
  15. Back in the main menu, press T to start the image transfer.
  16. Connect the specified interface of the unit (usually PORT1) to the TFTP server network.
    If everything is correctly configured, the console will start printing ##### ... indicating the file transfer progress.
  17. When the download completes and the console displays the prompt below, press D to save the image to the primary boot disk.

[Screenshot: transfer.png]

 

  18. When complete, the system will boot up in the factory default state.
 
This process resets all System Settings back to the factory default, but the configuration databases, logs and log databases are on a separate disk/RAID and should not be deleted. However, since the ADOMs are disabled by default, this may affect the storage quotas and the system may start deleting logs on the next quota enforcement interval.
 
To prevent that, re-configure the network configuration as quickly as possible, so the unit can be accessed via GUI and SSH. Then, re-enable ADOMs and make sure that the storage quotas are correctly set. After that, configure Advanced Mode, workspace/workflow mode, Workflow Approval, and re-configure Administrators, profiles, SNMP, etc., as needed.
 
Note that the FortiManager workflow sessions are not preserved, and will be purged after reloading the firmware image.
 
