DeerTracks3512
Explorer
January 2, 2022
Solved

FortiGate 90E - lost access

  • January 2, 2022
  • 3 replies
  • 9374 views

Hello,

I'm attempting to access an old FortiGate 90E that I had set up. I hooked up the console cable and was able to access it via PuTTY using my old credentials. I attempted to use the command found in some documentation.

CLI Commands

https://help.fortinet.com/fauth/5-3/Content/Admin%20Guides/5_3%20Admin%20Guide/200/204_CLI_commands.htm

netmask342245.PNG

It seems like this command wasn't recognized.

port.png

Here is the version of the firewall.

port1.png

I'm pretty certain the firewall used to be configured so that someone could access the GUI through one of the ports on the firewall, but I cannot remember which port it could be. Is there a way for me to list the IPs each port is assigned to? What is the best way for me to access this firewall without messing up the configuration too much?

Thank you!

Best answer by AlexC-FTNT

You may have "multi-vdom" enabled in FortiGate, so try first to run "config global", then run the commands above.

3 replies

dan
Explorer II
January 3, 2022

The link is from FortiAuthenticator and not applicable to FortiGate.

When you are on the console and logged in, what about typing a question mark (?) now and then and go from there?

Other hints:

?
show
config ?
config system interface
edit ?
etc...

Dan


Yurisk
SuperUser
January 3, 2022

To get the missing info for GUI management access, run:

show sys admin  <-- To show IPs/users allowed to access the FGT GUI
show full | grep admin-sport  <-- To show on what HTTPS port admin GUI is listening.
show sys int  <-- To show interfaces and their IPs


DeerTracks3512
Explorer
January 3, 2022

Thank you for this information. I was able to get the port # using the second command you referenced, but the other commands do not appear to be working. Here is the terminal.

port2.PNG

What else could I try?

Another note. I'm currently accessing the firewall through PuTTY and the CLI input is very laggy. I need to repeatedly press keys to actually get the text to input. Entering commands into the terminal is not smooth at all. Is this normal?

AlexC-FTNT
Staff
January 3, 2022

# shows that you are a privileged user.

If you are looking for GUI access, you need to find the IP of the interface and check that HTTP/HTTPS access is enabled. You would access the GUI over port 8443.
Try https://fortigateIP:8443
Normally, when you access the FG from the LAN, the management IP of the FortiGate is the gateway IP received by the PC.
This may also help: # diag ip address list
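
An added example, not part of any post in this thread: a small parser for console output saved from `show system interface` and `show full | grep admin-sport`, listing which interfaces have an IP and HTTP/HTTPS management access enabled. The sample text is constructed in the FortiOS layout with made-up addresses, `gui_interfaces` is a hypothetical helper name, and it assumes the FortiOS default of 443 when no `admin-sport` line is present.

```python
import re
# Constructed sample in FortiOS "show" layout; names and addresses are made up.
SAMPLE = '''
config system interface
    edit "wan1"
        set ip 203.0.113.10 255.255.255.0
        set allowaccess ping
    next
    edit "internal"
        set ip 192.168.1.99 255.255.255.0
        set allowaccess ping https ssh http
        config ipv6
            set ip6-allowaccess ping
        end
    next
end
    set admin-sport 8443
'''

def gui_interfaces(text):
    """Return (admin HTTPS port, [(interface, ip, gui services)])."""
    m = re.search(r"^\s*set admin-sport (\d+)", text, re.M)
    port = int(m.group(1)) if m else 443  # assumption: FortiOS default port
    found, depth, name, ip, access = [], 0, None, None, []
    for line in text.splitlines():
        w = line.split()
        if not w:
            continue
        if depth == 0:  # still outside the interface table
            depth = 1 if w[:3] == ["config", "system", "interface"] else 0
            continue
        if w[0] == "config":      # nested block such as "config ipv6"
            depth += 1
        elif w[0] == "end":       # closes a nested block or the table itself
            depth -= 1
        elif depth != 1:          # ignore settings inside nested blocks
            continue
        elif w[0] == "edit":
            name, ip, access = w[1].strip('"'), None, []
        elif w[:2] == ["set", "ip"] and len(w) > 2:
            ip = w[2]
        elif w[:2] == ["set", "allowaccess"]:
            access = w[2:]
        elif w[0] == "next":      # end of one interface entry
            gui = sorted({"http", "https"} & set(access))
            if ip and ip != "0.0.0.0" and gui:
                found.append((name, ip, gui))
    return port, found

if __name__ == "__main__":
    print(gui_interfaces(SAMPLE))
```

Interfaces that get their address by DHCP show no `set ip` line in the configuration, so they are skipped here; the live address list from the device covers those.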

Debbie_FTNT
Staff & Editor
January 3, 2022

Hey DeerTracks,

Do you happen to recall if your admin user has full access permission? It sounds a bit as if your admin might be restricted, which would limit your visibility on the GUI.
Try this:
get system interface
-> this should definitely show output if your admin user has permission to view/edit interfaces
get system admin
-> same as above, should show output if your admin user has permission to view/edit other admins

If you don't get any output like this either, then your admin is very likely to have restricted permissions and you would not regain full access to the FortiGate that way. In that case, you might have to look at the maintainer procedure: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Reset-a-lost-admin-password-on-a-FortiGate-unit/ta-p/194937 (this might be disabled on your FortiGate, and you might not be able to enable it depending on your privileges), or you might need to consider factory resetting/wiping the unit and reinstalling firmware. That would include a loss of configuration, however.

As for PuTTY being laggy - your FortiGate is on an older version, and I don't know what is going on with it, but version 6.2.0 did have some bugs that could impact performance.
You can run 'get system performance status' to have an idea of CPU/memory usage etc. You can run 'diagnose debug crashlog read' to get the crashlog and see if any processes are crashing constantly and impacting its performance.

DeerTracks3512
Explorer
January 3, 2022

Thank you for this response. I'm pretty certain that this account does have full privileges. Here is the output from the commands you specified. Is there any way for me to explore all the users that are registered with this firewall?

port3.PNG

AlexC-FTNT
Staff
January 3, 2022

You may have "multi-vdom" enabled in FortiGate, so try first to run "config global", then run the commands above.