Step-to-step Recovery Password Fortigate:

Step

1. Make sure you have the physical connection to fortigate unit: Via Console Cable

Setting Value 

Speed Baud 9600
Data Bits 8Bit
Parity None
Stop Bits 1
Flow Control No Hardware Flow Control
Com Port (Windows->search->Device Manager->(see COMxx)

2. When the prompt is up, now Reset the appliance

3. You will see the device booting up, wait til the fortigate ask you the username and password

4. Now you have 30 Second to use the username: “Maintainer” with password: “bcpb+(xxx)” , xxx will be the Serial number of the fortigate unit.

5. After you gain access to fortigate don`t forget change the system admin with super_admin profile, so you can get your access back.

6. Example

If vdoms are not enabled use command: 
config system admin
edit admin
set password <psswrd>
end

If vdoms are enabled use command:
config global
config system admin
edit admin
set password <psswrd>
end

If you attempt to use the maintainer and get “PASSWORD RECOVERY FUNCTIONALITY IS DISABLED”, than on previous configuration password recovery was not enabled, you must boot the new firmware so the config will be reset

7. How to enable/disable password recovery function in fortigate:

(To disable)
config system global
set admin-maintainer disable
end

To enable)
config system global
set admin-maintainer enable
end

Advertisements