Fortinet/General
Contents |
Reference Material
FOS cookbook
Fortinet CLI Reference
Connecting
All information about connecting was obtained from this site
MAC OSX
Requirements
- USB to Serial adapter & software if needed (unless your MAC has a serial port)
- Console Cable
Software
The one you need may be listed or you may have to find it yourself.
Keyspan
FTDI USB Serial
Prolific PL2303
Personal Use
I use the following equipment:
|
.jpg) |
 |
 |
Connection
After installing the appropriate USB to Serial Driver, plug in your USB to Serial device and then check to see if it is properly recognized.
Open Terminal ~$ ls /dev/cu.* /dev/cu.Bluetooth-Incoming-Port /dev/cu.KeySerial1 /dev/cu.Bluetooth-Modem /dev/cu.USA19Hfa13P1.1
Look for something similar to USB, Serial, or the name of your device. In the case above, the correct selection is
/dev/cu.USA19Hfa13P1.1
Connect the console cable to the Fortigate device. Do not connect power yet.
Start the connection with:
~$ screen /dev/cu.USA19Hfa13P1.1 9600 (screen device baudrate)
Connect power to the Forigate device.
You may have to hit enter before the FGT login prompt appears
At this point you should see the following:
FGT-60XXXXXXXXXX login:
Disconnecting
If you disconnect by closing the terminal window, you'll need to unplug the USB to serial device and reconnect it as the hardware will still be dedicated to the old session.
Windows
Lost Admin Password
Information obtained from this site
Follow the steps to connect (Mac) as listed above.
Once connected and at the login screen, plug the power cable on the Fortigate Firewall and wait (10) seconds, then plug it back in. You should see something like this:
FGT-60XXXXXXXXXX login: FGT60 (11:24-04.25.2005) Ver:04000000 Serial number:FGT-60XXXXXXXXXX RAM activation Total RAM: 128MB Enabling cache...Done. Scanning PCI bus...Done. Allocating PCI resources...Done. Enabling PCI resources...Done. Zeroing IRQ settings...Done. Verifying PIRQ tables...Done. Boot up, boot device capacity: 30MB. Press any key to display configuration menu... ...... Reading boot image 1340164 bytes. Initializing firewall... System is started.
Username is: maintainer
Password is: bcpb + serial number
ie. bcpbFGT60C3G10016011 ie. bcpbFTG-602505516011
The serial number has to be (13) characters. If it is only (12), you have to add a dash (-) like I did with the second example.
Also, the username/password MUST be entered in within 14 seconds of the login prompt. copy and paste is recommended.
Reset admin - no vdoms
Once logged in with the maintainer account, do the following
config system admin edit admin set password <psswrd> end
Reset admin - vdoms
config global config system admin edit admin set password <psswrd> end
Maintainer Account
Information obtained from this site
Used for emergencies, can only be logged into within (14) seconds of boot up
Enable
Once logged in with an admin account:
config system global set admin-maintainer enable end
Disable
Once logged in with an admin account:
config system global set admin-maintainer disable end
