Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
DeerTracks3512
New Contributor II

Created on ‎01-02-2022 02:54 PM Edited on ‎01-02-2022 02:59 PM

FortiGate 90E - lost access

Hello,

 

I'm attempting to access an old FortiGate 90E that I had setup. I hooked up the console cable and was able to access it via putty using my old credentials. I attempted to use the command found in some documentation. 

 

CLI Commands

https://help.fortinet.com/fauth/5-3/Content/Admin%20Guides/5_3%20Admin%20Guide/200/204_CLI_commands....

 

netmask342245.PNG

 

It seems like this command wasn't recognized. 

port.png

 

Here is the version of the firewall.

port1.png

 

I'm pretty certain the firewall used to be configured so that someone could access the GUI through one of the ports on the firewall, but I cannot remember which port it could be. Is there a way for me to list the IPs each port is assigned to? What is the best way for me to access this firewall without messing up the configuration to much? 

 

Thank you! 

Labels:
6938
0 Kudos
1 Solution
AlexC-FTNT
Staff
Staff
In response to DeerTracks3512

Created on ‎01-03-2022 07:28 AM

you may have "multi-vdom" enabled in FortiGate, so try first to run "config global", then run the commands above


- Toss a 'Like' to your fixxer, oh Valley of Plenty! and chose the solution, too00oo -

View solution in original post

6868
12 REPLIES 12
dan
Contributor

Created on ‎01-02-2022 10:08 PM Edited on ‎01-03-2022 02:01 AM

The link is from FortiAuthenticator and not applicable to  FortiGate.

When you are on the console and logged in, what about typing a question mark (?) now and then and go from there?

 

Other hints:

 

?

show 

config ?

config system interface

edit ?

 

 

 

etc...

 

 

 

 

 

 

Dan

 

 

Networking and such...
Networking and such...
5405
0 Kudos
Yurisk
SuperUser
SuperUser

Created on ‎01-03-2022 03:55 AM

To get the missing info for GUI management access, run: 

 

show sys admin  <-- To show IPs/users allowed to access the FGT GUI

show full | grep admin-sport  <-- To show on what HTTPS port admin GUI is listening.

show sys int <-- To show interfaces and their IPs

 

Yuri Slobodyanyuk
Yuri Slobodyanyuk
5395
0 Kudos
DeerTracks3512
New Contributor II
In response to Yurisk

Created on ‎01-03-2022 06:24 AM

Thank you for this information. I was able to get the port # using the second command you referenced, but the other commands do not appear to be working. Here is the terminal. 

 

port2.PNG

 

What else could I try? 

 

Another note. I'm currently accessing the firewall through PuTTY and the cli input is very laggy. I need to repeatedly press keys to actually get the text to input. Entering commands into the terminal is not smooth at all. Is this normal? 

5385
0 Kudos
AlexC-FTNT
Staff
Staff
In response to DeerTracks3512

Created on ‎01-03-2022 07:15 AM Edited on ‎01-03-2022 07:15 AM

# shows that you are privileged user

If you look for the GUI access you need to find the IP of the interface and check that HTTP/HTTPS access is enabled. You would access GUI over the port 8443.
Try https://fortigateIP:8443
Normally, when you access the FG from LAN, the management IP of the FortiGate is the Gateway iP received by the PC.
This may also help:#diag ip address list 


- Toss a 'Like' to your fixxer, oh Valley of Plenty! and chose the solution, too00oo -
5374
DeerTracks3512
New Contributor II
In response to AlexC-FTNT

Created on ‎01-03-2022 08:04 AM

Is SNMP-INDEX the port #? I think I've identified which port is being used for access. I've included the picture below. I need to assign that port to a new IP address. How do I do that? I want to assign this to 10.0.0.18/24

 

Does this look correct for GUI access? 

 

port4.PNG

 

 

5343
0 Kudos
AlexC-FTNT
Staff
Staff
In response to DeerTracks3512

Created on ‎01-04-2022 12:10 AM

The questions that you ask are very basic and the answers can be found in both available documentation and any search engine results. I would recommend you to read the Handbook to familiarize yourself with the firewall and its capabilities: 
https://docs.fortinet.com/document/fortigate/6.0.0/handbook/223745/getting-started

 

Some of your questions have already been answered:
How to change the port for the admin access to avoid port conflict
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-change-the-port-for-the-admin-acces...
Administrative access to interfaces
https://docs.fortinet.com/document/fortigate/6.0.0/handbook/909236/configuring-administrative-access...


- Toss a 'Like' to your fixxer, oh Valley of Plenty! and chose the solution, too00oo -
5257
DeerTracks3512
New Contributor II
In response to AlexC-FTNT

Created on ‎01-04-2022 04:10 AM

Alright. Thank you for the reply.

5250
0 Kudos
Yurisk
SuperUser
SuperUser
In response to DeerTracks3512

Created on ‎01-03-2022 07:28 AM

Do you have VDOMs enabled on this FGT by any chance ?

Try: 
config vdom 

edit <TAB> <-- Does it show VDOMs names ? 

Yuri Slobodyanyuk
Yuri Slobodyanyuk
5364
Debbie_FTNT
Staff
Staff

Created on ‎01-03-2022 06:52 AM

Hey DeerTracks,

 

do you happen to recall if your admin user has full access permission? It sounds a bit as if your admin might be restricted, which would limit your visibility on the GUI.
Try this:
get system interface
-> this should definitely show output if your admin user has permission to view/edit interfaces
get system admin
-> same as above, should show output if your admin user has permission to view/edit other admins

 

If you don't get any output like this either, then your admin is very likely to have restricted permissions and you would not regain full access to the FortiGate that way. In that case, you might have to look at the maintainer procedure: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Reset-a-lost-admin-password-on-a-FortiGate...  (this might be disabled on your FortiGate, and you might not be able to enable it depending on your privileges), or you might need to consider factoryresetting/wiping the unit and reinstalling firmware. That would include a loss of configuration, however.

 

As for PuTTY being laggy - your FortiGate is on an older version, and I don't know what is going on with it, but version 6.2.0 did have some bugs that could impact performance.
You can run 'get system performance status' to have an idea of CPU/memory usage etc. You can run 'diagnose debug crashlog read' to get the crashlog and see if any processes are crashing constantly and impacting its performance

+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++
5377
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.