Description

This article describes the steps to take on a managed FortiSwitch or standalone FortiSwitch to disable console access.

Scope

FortiSwitch 7.2.0 or above.

Solution

On a managed FortiSwitch, the console access on FortiSwitch can be disabled as follows:

On FortiGate:

config switch-controller switch-profile

edit {default | <FortiSwitch_profile_name>} <- Default will apply the configuration for all managed FortiSwitches.

set login disable <- Enabled by default.

end

On Standalone FortiSwitch the configuration is almost the same:

config system console

set login disable

end

After these configurations, no user would be able to log into FortiSwitch using the console port. Note that only performing a factory reset to the device or enabling the access back through SSH or Telnet would make it possible to access the FortiSwitch using the console port.