Fortinet Forum
ryoukarla
New Contributor

Another Used Fortigate Question

I didn't see anything specific to this question answered.

If you purchase a used FortiGate and are unable to transfer ownership (such as the case with a decommissioned firewall), is it 'safe' to use?

I ask because I have two 60D firewalls for personal use; after connecting the firewalls to the internet they show as registered under FortiCare. I saw other posts saying to open a ticket with Fortinet to have it transferred, but these units cannot have a ticket opened because they've been deemed decommissioned.

I don't really care so much about them being transferred to me, I just want to ensure that with them being registered to someone else there's not a back door in through FortiCloud or a way to pull/view my configs.

Is there a way to turn off all contact to Fortinet/FortiCloud services?

I saw the command that was introduced in I think 6.2, but these are on 5.6.4. I think firmware was only supported up until 6.0 anyways for the 60D.

Yurisk
Valued Contributor

Forticare is about firmware updates, hardware guarantee for replacements of faulty parts and such. For Forticloud to store configs/logs there should be configuration in this Fortigate to tell it so, e.g. Log Settings -> Cloud Logging.

BTW transferring ownership is about opening a ticket with Customer Service, not TAC, so you don't need a valid contract for the Fortigate to open a ticket with CS. They do ask the previous owner to confirm the transfer though.

Anyway, you can stop the Fortigate communicating with the FortiGuard cloud in System -> FortiGuard -> Override FortiGuard servers: put any random IP there and disable the option to fall back to public servers. But in my view, it would be easier/peace of mind to back up the config (just in case) and reset the Fortigate to the factory defaults - it would boot up without Forticare registration, but all features (non-subscription based) would work just fine.

Yuri
https://yurisk.info/ blog: All things Fortinet, no ads.


All opinions are mine only.
Debbie_FTNT
Staff

Hey ryoukarla,

as Yurisk mentioned, factory-resetting the units should take care of any previous registration/connection/whatever that might still be buried in the config.

Do note however that there are some vulnerabilities in older firmware versions that you would be exposed to with the old 5.6 version, so you might want to disable any and all access from the internet, including SSLVPN (as there are some vulnerabilities for that as well).

You can check here for potential vulnerabilities you might be exposed to:
https://www.cvedetails.com/vulnerability-list/vendor_id-3080/Fortinet.html
https://www.fortiguard.com/psirt?product=FortiOS

+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++
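
The two checks raised in the replies (is cloud logging or cloud management configured on the unit, and is admin access or SSL VPN reachable from the internet) can be run against a saved backup of the config. This is an added example, not part of the original thread or any Fortinet tooling; the stanza names follow FortiOS CLI backups, while the sample config, the `wan1`/`wan2` port names and the `audit` helper are assumptions.

```python
import re
SAMPLE_CONFIG = """
config system interface
    edit "wan1"
        set allowaccess ping https ssh
    next
end
config system central-management
    set type fortiguard
end
config log fortiguard setting
    set status enable
end
config vpn ssl settings
    set source-interface "wan1"
end
"""  # constructed sample in FortiOS backup style, not taken from a real unit

def parse_config(text):
    """Return {(section, entry): {key: [values]}} for top-level config blocks."""
    out, section, entry, depth = {}, None, None, 0
    for line in text.splitlines():
        words = [w.strip('"') for w in re.findall(r'"[^"]*"|\S+', line)] or [""]
        if words[0] == "config":
            depth += 1
            if depth == 1:
                section, entry = " ".join(words[1:]), None
        elif words[0] == "end":
            depth -= 1
        elif depth == 1 and words[0] == "edit" and len(words) > 1:
            entry = words[1]
        elif depth == 1 and words[0] == "set" and len(words) > 1:
            out.setdefault((section, entry), {})[words[1]] = words[2:]
    return out

def audit(text, wan_ports=("wan1", "wan2")):
    """Flag cloud reporting and WAN-exposed services; wan_ports names are assumed."""
    cfg, found = parse_config(text), []
    get = lambda sec, ent, key: cfg.get((sec, ent), {}).get(key, [])
    if get("log fortiguard setting", None, "status") == ["enable"]:
        found.append("cloud logging enabled")
    if get("system central-management", None, "type") == ["fortiguard"]:
        found.append("central management type is fortiguard")
    for port in wan_ports:
        mgmt = sorted(set(get("system interface", port, "allowaccess")) - {"ping"})
        if mgmt:
            found.append(f"{port} admin access: {' '.join(mgmt)}")
        if port in get("vpn ssl settings", None, "source-interface"):
            found.append(f"SSL VPN listening on {port}")
    return found
```

An empty result from `audit()` on the backup means none of these four settings is present; it says nothing about FortiCare registration, which is not stored in the config file.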