Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
ckteur
New Contributor II

Unable to connect on gates after backup restored

Hello,

 

I have restored an archive on cluster of 2 gates from the master gate, but now it's unable to connect (GUI, CLI, console ..) with anyone local account on them .....

 

This cluster is in production and all the traffic is ok  ;  On Fortimanager, members are ok and synchronized , the state (active-passive) is ok ; I can push new configuration from FM to Gates etc...  

 

All to be seems ok but impossible to connect on gates !

 

I have tried to push a retrieve since FM but same result.

 

Any idea please ??

For information, the maintaner function is disabled.

 

 

Thanks

11 REPLIES 11
ndumaj
Staff
Staff

Hello @ckteur 

What is the error you are facing?
Have you tried to log in via VM console?

BR

- Happy to help, hit like and accept the solution -
ckteur
New Contributor II

Hello @ndumaj ,

 

The error when I try to connect is "authentication failure" but the ID & PWD are ok.

VM console ?? -> The gates are appliances.

 

Thanks

ndumaj

Hello @ckteur 

What is the Fortigate model and firmware version?

BR

- Happy to help, hit like and accept the solution -
ckteur
New Contributor II

Fortigate 600D with 6.4.14 firmware

 

BR

ckteur
New Contributor II

For information , same problem from CLI console on Fortimanager

 

BR

ndumaj

Are you able to log in with admin remote users(LDAP users)?


BR

- Happy to help, hit like and accept the solution -
ndumaj

Check this setting:

config system global
    set admin-restrict-local {enable | disable} <----- Default is set to disable.
end

 

 

If enabled, as long as any remote server is available on FortiGate (TACACS, LDAP, or RADIUS) is up and running, local admin authentication will be blocked. Local admins will be allowed access only if no remote server is detected.

Not sure how it looks in 6.4.14
https://docs.fortinet.com/document/fortigate/7.6.0/new-features/685134/restrict-local-administrator-...

- Happy to help, hit like and accept the solution -
ckteur
New Contributor II

This parameter is "disabled" on configuration

 

BR

ndumaj

I would try through the device console:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-connect-to-the-FortiGate-console-po...

BR

- Happy to help, hit like and accept the solution -
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors