Lost Access to Firewall

Forum|Forum|4 years ago
October 6, 2021
1 reply
4772 views

Dear Community,

unfortunately, I have a bigger problem. I created a super-admin with a Fortitoken. Due to a defect, I had to factory reset my smartphone, and therefore I lost my Fortitoken. So I can no longer log into the firewall. I have a backup file with Fortitoken already activated, and the backup file is unfortunately also password encrypted, which is why I cannot remove the 2 factor line. Unfortunately, the maintainer account is also no option because the command Full Config is deactivated. Does anyone have any idea whether there is a possibility to activate the command Show Full Config for the maintainer account, or if there is any other possibility without having to reset up my entire system?

Thank you very much

FortiToken

lobstercreed

New Member

I'm confused what you mean about the command full config being disabled. Do you mean maintainer account has been disabled? If not, you can modify (or create a new) local admin account without FortiToken while logged in as maintainer. Then log in with the modified/new account to get things back where they should be. See KB here: https://kb.fortinet.com/k....do?externalID=FD34757

reinhard_creAuthor

New Member

Yeah, that I have known, but my Problem is that when I log in with maintainer I only can change the password off the user and can't disable fortitoken. So there is after that a new password, but fortitoken is still enabled.

lobstercreed

New Member

Is that the only admin account on the whole firewall? Can the maintainer account not also create a new user account? I'm not sure the answer to the 2nd question. The first should never be yes (big mistake to learn from if so). If so then I guess maybe you are out of luck. I would have thought you could run a CLI command to remove FortiToken from maintainer though.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded