Skip to main content
Arrowexpress
Arrowexpress
New Member
December 17, 2025
Question

Fortigate access blocked

  • December 17, 2025
  • 3 replies
  • 639 views

Hello dears!

 

I have been struggling to find a solution for my problem! 

by mistake I have activated the two way authentication token on my fortigate dashboard and I have only one account admin no backup account and no backup configurations as well ! 

I have tried to access through SSH. & serial port it keep asking for the token ! 

on mobile token I could generates the code but on dashboard it says that authentication failure ! 

3 replies

ozkanaltas
ozkanaltas
Valued Contributor III
December 17, 2025

Hello @Arrowexpress ,

 

If your version is 7.2.4 or lower, you can use the maintainer account to reset your password and token. 

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Resetting-a-lost-admin-password/ta-p/197045

 

Otherwise, you have to factory reset the device after than you can restore from backup if you have. 

 

 

    filiaks1
    filiaks1
    Explorer III
    December 17, 2025

    This seems bad but we learn from our mistakes.

    ezhupa
    Staff
    ezhupa
    Staff
    December 18, 2025

    If you do not have the possibility to use the maintainer account because you are on a newer version, the only possibilty is to enter boot menu via console and completely reset and upload an old config file without the 2FA enabled on it.

      AEK
      SuperUser
      AEK
      SuperUser
      December 18, 2025

      If you are certain that the token is correct, then it may be due to a time drift.

      Make sure your FGT and your mobile phone are synchronized (have the same time, no more than few seconds drift), and only then the token will work.

      AEK
        Arrowexpress
        ArrowexpressAuthor
        New Member
        December 19, 2025

        Thanks for answering! The thing is the time synced in the main configuration is not showing as it’s not based on the same country! Is there any possibility to check the time synced without the access on the dashboard? 

        AEK
        SuperUser
        AEK
        SuperUser
        December 20, 2025

        The devices can be in different timezone and the token will still work properly if they are both synced with NTP.

        I don't know how you can check for your firewall, but at least check if your mobile phone is synced.

        AEK
        Terms & ConditionsAccessibility statement