Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
pquiroz
New Contributor

Created on ‎12-13-2024 10:00 AM

Problem with Fortinet 100E

Hello everyone, I'm from Mexico.

I have a big problem, recently I have problems accessing my fortinet because it sends an error that says "Authentication failure" and does not let me access.

 

error.png



I have tried to access via forticloud, console cable and locally and I get the same problem.

What I found is that we have suffered from a vulnerability called "FG-IR-23-475": FortiOS - SSLVPN session hijacking using SAML authentication
A session fixation vulnerability [CWE-384] in FortiOS may allow an unauthenticated attacker to hijack user session via a phishing SAML authentication link.

So I don't have access in any way. Is there any way to access it?

To update the firmware can I do it through the forticloud Premium subscription since I currently do not have it.

Note: I currently have the OS version: 7.2.6

Labels:
351
0 Kudos
7 REPLIES 7
dingjerry_FTNT
Staff
Staff

Created on ‎12-13-2024 01:57 PM

Hi @pquiroz ,

 

I assume you have local access to the FGT device.

 

What is the type of your account?  Local or remote?

 

Please check this KB article since your FortiOS is 7.2.6 and the maintainer is not feasible for you to reset the admin password:

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Removal-of-maintainer-account-feature/ta-p...

Regards,

Jerry
323
0 Kudos
pquiroz
New Contributor
In response to dingjerry_FTNT

Created on ‎12-16-2024 11:44 AM

I don't have local access, it keeps giving the same error.

I think that if I downgrade it I could use the maintainer user, but is this possible?

235
0 Kudos
Toshi_Esumi
SuperUser
SuperUser
In response to pquiroz

Created on ‎12-26-2024 08:40 AM

If you go back to previous version with the config at that time by following below, you maybe able to get in again because that config wouldn't have been tampered.
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Boot-the-backup-firmware-and-config-via-co...

If even that option doesn't work, your only option might be getting into the boot menu again and loading up the image of the current version (the config is the factory default), then load up a backup config.

Toshi

165
pavankr5
Staff
Staff

Created on ‎12-26-2024 04:31 AM

Hello @pquiroz 

To troubleshoot an 'Authentication failure' error with FortiToken Cloud. 

Connect to the FortiGate via Console Cable: Refer to this guide for detailed instructions on connecting to the FortiGate console port:

Technical Tip: How to connect to the FortiGate console port

Thanks,

Pavan

181
0 Kudos
kaman
Staff
Staff

Created on ‎12-27-2024 02:30 AM

Hello @pquiroz,

You have to Format and load the FortiGate firmware image using TFTP 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Formatting-and-loading-FortiGate-firmware-...

Regards,
Aman


134
0 Kudos
Renante_Era
Staff
Staff

Created on ‎12-27-2024 01:47 PM

If you're unable to access the FortiGate, then your next step is to factory reset the device which means you're going to lose the config. If you have a backup config, then you can restore the backup config on the same firmware version. If you don't have a backup config then you'll need to configure the FortiGate from scratch.
How To Reset To Factory Default Configura... - Fortinet Community

Resetting a lost admin password - Fortinet Community

BSCS, BCIS, MIT
119
0 Kudos
DianaButler
New Contributor

Created on ‎01-02-2025 05:40 AM

I had the same problem, And after a reset, it solved the problem.

35
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.