Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
bcieszewski
New Contributor

Created on ‎03-07-2024 12:23 AM

Can't login to Fortigate GUI while SSH works

Hi, 

I'm running  FortiGate-VM64 v7.4.3,build2573,240201 (GA.F) on eval license:

License Status: Valid
License Expiration Date: 2024-05-06

 

Since I installed the eval license GUI admin access stopped working. After one login attempt (with proper credentials) I instantly get "Too many login failures. Please try again in few minutes".

 

If I refresh the page, the login form is locked with the error "Too many bad login attempts or reached max number of logins. Please try again in a few minutes"

 

I tried to change  admin-lockout-duration to 5, but the lockout did not disappear

 

The current global config and admin config looks like this:

 

 

 

config system global
set admin-https-redirect disable
set admin-sport redacted
set admintimeout 60
set alias "redacted"
set gui-auto-upgrade-setup-warning disable
set gui-local-out enable
set hostname "redacted"
set sslvpn-web-mode enable
set timezone "US/Pacific"
end


config system admin
edit "adm_marcin"
set accprofile "super_admin"
set vdom "root"
set password ENC redacted
next
edit "adm_bartek"
set accprofile "super_admin"
set vdom "root"
set password ENC redacted
next
end

 

 

Screenshot 2024-03-07 at 09.13.03.png 

Labels:
389
0 Kudos
3 REPLIES 3
ozkanaltas
Contributor III

Created on ‎03-07-2024 12:31 AM

Hello @bcieszewski ,

 

You can wait 5 min (default admin lockout time) or you can access from another IP address to Fortigate. 

 

Fortigate just keeps the IP address of the trying user. If you change your IP address you can try to login again.

 

About changing admin lockout time, Your workaround not working because Fortigate already banned your IP address according to your old lockout time setting. 

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
381
AEK
SuperUser
SuperUser

Created on ‎03-07-2024 02:07 AM

Hi

Change the IP of your PC and try again.

AEK
AEK
359
jera
Staff
Staff

Created on ‎03-08-2024 01:59 AM

Hi @bcieszewski

 

If changing of IP didn't work, you can go through these troubleshooting steps:

https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Cannot-access-the-FortiGate-web-admi...

JE
322
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.