Skip to main content
Matt__
Matt__
New Member
March 24, 2017
Question

Locked myself out as admin FWF 60C

  • March 24, 2017
  • 1 reply
  • 5182 views

Sometimes I think I know what I'm doing and then I change something like this and bang my head against the wall :s

 

I have a FWF 60C, connected to ADSL modem to wan1 port, one computer connected on port1 on FWF. Upgraded to latest 5.2 build, then went into the interface settings, went into the lan interface and changed the gateway IP and the DHCP range to a range based on the new GW IP.

 

Restart the computer, DHCP is delivering a new IP address fine, internet works fine, can go to FWF login screen via new GW ip address but refuses to login with admin account now. The only thing I think I could of disabled on the interface was HTTP connection, but left HTTPS and the login screen redirects to https:// no other settings were changed. What setting did I miss to get this working and how do I go about logging into the unit again? I've tried ssh with admin and root as user and pass and it's denied.

1 reply

AlastairHill
AlastairHill
New Member
March 24, 2017

Hi Matt

 

If the admin password isn't working you can try and reset it via the below fortinet link

 

http://docs.fortinet.com/uploaded/files/1708/Resetting_a_lost_admin_password.pdf

 

Alastair

ede_pfau
SuperUser
ede_pfau
SuperUser
March 24, 2017

There's no security without physical security.

 

Good for you. You can establish a (telnet) session via the Console port. Every FGT has a serial cable with RJ45 to DB9 in the box. Connect a serial port to the FGT, with 9600-8-N-1 settings, and log in.

If you cannot find a PC with a serial port (it could be any, even a borrowed one for 5 minutes), get a USB-to-serial adapter and try that.

For a terminal emulator software, use HyperTerm, AFAIK it's still included in Windows. Even if not, use putty or get the private (=free) edition of HT.

 

In contrast to the ethernet ports one cannot prohibit admin access to the serial port. When you're back in, check the Trusted Hosts settings in the admin user's profile (conf system admin).

Terms & ConditionsAccessibility statement