DescriptionThis article explains what to do if the admin user lost his FortiToken or if the Token is not working.SolutionIn this case, the only option is to Flash Format the device.Refer to the attached KB to format the boot device and reload the firmware image.After reloading the image, before uploading the latest config file, remove the "Two-factor" lines / config from the back up as mentioned below : 1) Open the config file and search for particular 'Admin' using the name:It will look like below : # edit "Test"
set accprofile "prof_admin" <----- (or) set accprofile "super_admin"
set vdom "root"
set two-factor fortitoken
set fortitoken "FTKxxxxxxxxxx"
set email-to "adminxzx@fortixie1233.com"
set password ENC SH2BsE7VSvHKynpoY1nOupdfaefe/n+JaPrCMPFADY2U5kLUPnZwuitOpNz35YI=
next
end
The admin name is the name that is usually entered while logging in to FortiGate in the "Username" field.
"Test" is shown in the example just for the representation, change the name according to the settings.
Replace the commands above by removing few lines like below :
# edit "Test"
set accprofile "prof_admin" <----- (or) set accprofile "super_admin"
set vdom "root"
set password ENC SH2BsE7VSvHKynpoY1nOupdfaefe/n+JaPrCMPFADY2U5kLUPnZwuitOpNz35YI=
next
end
Related Articles
Technical Tip: Formatting and loading FortiGate firmware image using TFTP
Technical Tip: Resetting a lost Admin password
