bootstrapper
New Member
March 2, 2018
Solved

Messed up settings on "dedicated to FortiSwitch"


Hi all, I am new here, and also new when it comes to using Fortinet devices.

 

A quick history.

I am an IT in a small company and recently we asked our ISP to install a firewall for us, so they set up a FWF 30E. I am such a noob on the device that I rarely touch the settings, although they gave us access.

And recently our wifi started to act funny, so I logged in to the device and checked some settings. I was following a tutorial in the Fortinet cookbook, which is available online, when I might have messed up the settings on dedicated to fortiswitch. At the location Network > Interfaces > dedicated to fortiswitch, I remember selecting LAN in the Role option and then clicking save, then alas!

The next minute I couldn't access the GUI interface anymore.

So now here are the several problems it caused:

PCs which are set to DHCP couldn't connect to the internet anymore; their IP addresses changed, incl. the default gateway, so I have to set a static IP and the default gateway, which is 10.10.1.254 - where I used to access the fortinet as well. Wifi is now completely not working, although its SSID is still broadcasting; if I connect there is no defined IP address, and even if I try to set a static IP address it still won't connect.

 

What I've done so far: tried to connect to the CLI interface via ssh but cannot; also tried to use a console cable but still cannot. Tried googling for hours and still haven't found a solution.

 

The only thing that I need is to gain access to our fortinet's settings again so I can undo what I've done.

 

Thank you, and looking forward to some advice, assistance and/or ideas that might help me gain access to our device settings again.

 


    ede_pfau
    SuperUser
    March 2, 2018

    hi,

     

    and welcome to the forums.

     

    Basically, you have disabled the LAN interface if I've understood your story right. This port will only react to a protocol called CAPWAP now. No wonder the LAN DHCP server has ceased to exist.

     

    What I cannot understand is that you can't get access through the console port. Is it that you cannot log in, or that you do not get a login prompt? Physical access is now what you need to correct the situation so we should solve this first.

    It might be that other interfaces permit access via ssh or web but the default is that they don't.

    bootstrapper
    New Member
    March 2, 2018

    Hello sir, thank you for the prompt reply. I do believe that I disabled LAN or something, or probably I set the device to only be accessible via fortiswitch when I accidentally selected that dedicated to fortiswitch setting.

     

    With regards to the console, I am not sure what I'm doing wrong. I plug in the RJ45 to DB9 female cable from device to computer and it does nothing; I've tried accessing it via Putty but it does nothing as well.

     

    BTW: I am using a different RJ45 to DB9 female cable, not the original cable that came with the device, as the console cable was taken by our ISP when they installed it.

     

    And how do we use CAPWAP sir?

     

    Thank you,

     

     

    ede_pfau
    SuperUser
    Answer
    March 3, 2018

    hi,

    CAPWAP is a management protocol with tunneling. When a port is dedicated to this it can only manage a CAPWAP device, such as a FortiSwitch or a FortiAP.

     

    Access via the console port is key. The cable used is the same as used with Cisco devices, nothing special.

     

    I am assuming you don't see anything when connecting via Putty. Check the speed settings for the console connection: 9600, 8, N, 1. When you hit the ENTER key you must get a (legible) prompt.

     

    If you don't, change the speed to the next higher up (19200, 38400,...115200), hit ENTER, until you get a prompt.

     

    Then log in.

    Type 'conf sys int, edit lan, show' and post the output.
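
The console speed check described in the answer above, as an added Python example that is not part of the original thread: it sends ENTER at each rate the answer names (8, N, 1) and reports the first one that returns legible text. It assumes the pyserial package for real ports; the device name `COM1`, the function names and the 90% printable threshold are illustrative choices.

```python
"""Probe a serial console for the baud rate that yields a legible prompt."""
import string

# Rates named in the answer above; extend the tuple for other standard rates.
BAUD_RATES = (9600, 19200, 38400, 115200)
PRINTABLE = set(string.printable.encode("ascii"))


def is_legible(data, threshold=0.9):
    """True if the reply looks like text rather than baud-mismatch garbage."""
    if not data.strip():
        return False  # silence or bare whitespace is not a prompt
    return sum(b in PRINTABLE for b in data) / len(data) >= threshold


def open_pyserial(device, baud):
    """Open a real port at <baud>,8,N,1 (assumes pyserial is installed)."""
    import serial  # imported lazily so the rest runs without pyserial
    return serial.Serial(device, baudrate=baud, bytesize=serial.EIGHTBITS,
                         parity=serial.PARITY_NONE,
                         stopbits=serial.STOPBITS_ONE, timeout=1)


def probe(device, opener=open_pyserial, rates=BAUD_RATES):
    """Return (baud, reply) for the first rate that answers ENTER legibly,
    or (None, b"") if every rate gives silence or garbage."""
    for baud in rates:
        port = opener(device, baud)
        try:
            port.reset_input_buffer()
            port.write(b"\r")        # the ENTER key
            reply = port.read(256)   # returns what arrived before the timeout
        finally:
            port.close()
        if is_legible(reply):
            return baud, reply
    return None, b""


if __name__ == "__main__":
    import sys
    device = sys.argv[1] if len(sys.argv) > 1 else "COM1"  # placeholder name
    baud, reply = probe(device)
    if baud is None:
        print("no legible prompt at any rate: check the cable and the port")
    else:
        print(f"prompt at {baud},8,N,1: {reply!r}")
```

Garbage at every rate points at the speed setting, while complete silence at every rate points at the cable or the port rather than the speed.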