Description | This article describes how to resolve most common scenarios faced when administrating the FortiGate, including some items such as what to do when an admin password is lost, and how to create alternative login options for emergencies. |
Scope | Any supported version of FortiGate. |
Solution |
The solution varies depending on the FortiOS version and the scenario.
Admin password is lost (no MFA enabled):
Admin password is lost (MFA enabled):
Regardless of the FortiOS version running on a given FortiGate unit, MFA cannot be disabled using the password reset method, so the only remaining option is to hard reset the unit. The procedure is the same as mentioned on the previous item.
Additional info: when a hard reset is done, the unit will return to default settings: IP Address: 192.168.1.99 username: admin password: <no password, leave this field blank>
It is recommended to have a backup config file stored on the system to avoid having to start configuring the unit from scratch. Now, it will not be necessary to modify it to avoid losing administrator access again after restoring it. To modify the config file as needed, refer to the steps below:
When editing a username that has two-factor enabled, it will be necessary to remove the configuration associated to the login with it by using only a username and password combination:
Tips and general recommendations for administrator users:
At any time, refer to the System administrator best practices documentation to get more info about how to secure the administrative access to FortiGate: Technical Tip: System administrator best practices, |
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Inappropriate Content
Great article @jtatis !! Keep it up!!