FortiGate
ajoe
Staff
Article Id 190050

Description


This article describes the option to disable Telnet access to FortiGate permanently.

 

Scope

 

FortiGate.

Solution


v6.2.0 added an option that completely disables Telnet: it removes the per-interface GUI options and disables the Telnet daemon.

When Telnet is disabled, the Telnet port cannot be configured and access cannot be enabled on interfaces.

To disable Telnet:

 

config system global
    set admin-telnet disable
end

 

When disabled, the Telnet port is removed from System -> Settings, and Telnet is no longer an administrative access option under Network -> Interfaces.


 


To enable Telnet, run the following commands:

 

config system global
    set admin-telnet enable
    set admin-telnet-port <port>
end
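
To confirm the setting from saved configuration backups, the following script (an added example, not Fortinet code) reports the 'admin-telnet' state and port from 'config system global' and lists interfaces whose 'set allowaccess' line still includes telnet. The sample backup is constructed, and reporting a missing 'admin-telnet' line as "unset" (the device default applies) is an assumption about how backups omit default values.

```python
import re

# Constructed sample backup for illustration (not taken from a real device).
SAMPLE_CONFIG = """\
config system global
    set hostname "fw-lab"
    set admin-telnet enable
    set admin-telnet-port 2323
end
config system interface
    edit "port1"
        set allowaccess ping https ssh
    next
    edit "port2"
        set allowaccess ping telnet
    next
end
"""

def audit_telnet(config_text):
    """Report the global admin-telnet state/port and interfaces allowing Telnet."""
    section, depth, iface = None, 0, None
    # "unset" means no admin-telnet line was found (assumption: default applies).
    result = {"admin_telnet": "unset", "port": None, "interfaces": []}
    for line in (raw.strip() for raw in config_text.splitlines()):
        if line.startswith("config "):
            depth += 1
            if depth == 1:
                section = line[len("config "):]
        elif line == "end":
            depth -= 1
            if depth == 0:
                section = None
        elif depth != 1:
            continue  # ignore lines outside blocks and inside nested blocks
        elif section == "system global":
            m = re.fullmatch(r"set admin-telnet(-port)? (\S+)", line)
            if m and m.group(1):
                result["port"] = int(m.group(2))
            elif m:
                result["admin_telnet"] = m.group(2)
        elif section == "system interface":
            if line.startswith("edit "):
                iface = line[5:].strip('"')
            elif line.startswith("set allowaccess ") and "telnet" in line.split()[2:]:
                result["interfaces"].append(iface)
    return result

if __name__ == "__main__":
    print(audit_telnet(SAMPLE_CONFIG))
```
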


Note:

When admin-telnet is disabled on a FortiGate 6000F, 7000E, or 7000F platform, the command 'execute load-balance slot manage <slot-id>' returns a 'Connection timeout' message. Re-enabling admin-telnet does not restore Telnet access, and the 'Connection timeout' message is still displayed. A unit reboot can fix the problem.