FortiGate factory reset or password reset using console

FortiGate factory reset or password reset using console

^{Created: 2021-01-27 21:47:37 | Last modified: 2021-01-27 22:26:14}
^{Access: Read}^{| Views: 82}^{| Rating: N/A}^{| Tags: fortigate}
How to factory reset or recover password using the console.

Reset Device

When you can't get access to a FortiGate due to corrupt config an unknown password, there is a way to gain access and either reset the admin password or perform a factory reset on the device. To achieve this, you need access to the FortiGate's console port using a serial roll over cable.

1) Connect to the console port with your serial device using the following credentials;

Baud Rate (bps): 9600
Data bits: 8
Parity: None
Stop bits:1
Flow Control: None

2) Start the FortiGate from cold (warm reboot doesn't work) by either using the power switch or connecting the power cable

3) You will see the system boot and provide the serial number

4) At the login prompt, the username is maintainer and the password is serial number prepended with the letters bcpb, so in this case the login details are;

Username: maintainer
Password: bcbpFG100FTK200252

5) You only have 60 seconds from the time of boot to enter in these credentials, so sometimes the device takes a while to boot so only leaves 14 seconds or so to enter in these credentials.

Reset password

To reset the admin's password, use the following commands

config system admin
  edit admin
    set password THE_NEW_PASSWORD
  end
end

Factory reset the device

To factory reset the device, use the following commands

execute factoryreset