If FortiDDOS default 'Admin' Password is lost by any means then there are 2 Ways to recover it.
Method 1.
If there is any user account access other than 'admin' that has administrative rights: 1) Login into GUI with a secondary account. 2) From GUI, take a backup of the configuration. 3) Open the configuration file in a text editor or Word. 4) Modify the config as follows: - Find this section:
# config system admin edit admin set access-profile super_admin_prof set password ENC $1$81eeea93$EndOtibgyrAaVdKEESRl.0 next
(The set access-profile and set password lines may be in the opposite order. That does not matter.
The string after 'ENC' will be different than that shown above, as it is a hash of the password.)
- Delete the line:
set password ENC $1$81eeea93$EndOtibgyrAaVdKEESRl.0
- After deleting, it should be like:
# config system admin edit admin set access-profile super_admin_prof next
5) Save this edited configuration with a meaningful name as a text file. 6) From the GUI, restore the new configuration file saved above. The system will reboot, the configuration will be restored and the admin password will become admin/null. 7) Login as admin/null: - Prior to Release 5.2.0, after login, proceed to System -> Admin and change the Admin password. - From Release 5.2.0 it is required to enter a new Admin password before login. 8) Check the configuration. 9) Back up the latest configuration.
Method 2: BIOS.
If there is no other user account with administrator access to the system: NOTE:
This method removes ALL system configuration, data, and report information from the system. If there is no backup configuration, it will be necessary to completely re-configure the system as a new installation.
1) Reinstall the current firmware release using, via Console using BIOS/TFTP.
This will remove all configuration and reporting data. See the Release Note for the current firmware release using instructions to upload via BIOS. It is important to use the same firmware release or it will not be possible to re-install the configuration file. If there is a backup configuration file, the Release information is in the first line of text and will look like this: FI400B-4.02.01-FW-build0304
In this case, the release is 4.2.1. Ignore the build number. 2) Use a text editor to edit the backup configuration file to remove the admin password 3) Find this section:
# config system admin edit admin set access-profile super_admin_prof set password ENC $1$81eeea93$EndOtibgyrAaVdKEESRl.0 next
(The set access-profile and set password lines may be in the opposite order. That does not matter. The string after 'ENC' will be different than that shown above, as it is a hash of the password). 4) Delete the line:
set password ENC $1$81eeea93$EndOtibgyrAaVdKEESRl.0
5) After deleting, it should be like:
# config system admin edit admin set access-profile super_admin_prof next
6_ Save the new configuration with a meaningful name as a text file. 7) Connect directly to the Console port and log in with admin/null. 8) From the Console, enter a new MGMT1 IP address:
# config system interface edit mgmt1 set ip x.x.x.x/24 set allowaccess https ping ssh snmp http telnet sql end
9) Connect to the Mgmt1 port directly or via the same subnet as configured above, for that port. 10) Login. - Prior to Release 5.2.0, login as admin/null - From Release 5.2.0, login as admin, it will be required to enter a new Admin password before login. 11) Restore the new configuration you saved above. The system will reboot, the configuration will be restored and the admin password will remain or revert to admin/null. 12) Login as admin/null. - Prior to Release 5.2.0, after login, proceed to System -> Admin and change the Admin password. - From Release 5.2.0 it will be required to enter a new Admin password before login. 13) Backup the latest configuration.
|