Reset Fortigate firewall without console cable

Subscribe to my newsletter and never miss my upcoming articles

I got a call today from a colleague who was onsite and needed to factory reset of a Fortigate 60E but didn't have a serial to USB cable. I immediately thought of how often I take having a console cable and serial to USB cable for granted.

If you have the proper tools, performing a factory reset is pretty straight forward:

  • Login in via SSH
  • Enter the following command and confirm
#exec factoryreset  
*This operation will reset the system to factory default!
Do you want to continue? (y/n)*

After that the system will reboot and you're set. In this case, we didn't have the luxury of the console. I naturally told him to press the reset button. He told me he had tried that and it did not work.

I did some quick research on this and I landed on a forum post where someone mentioned that the firewall has to be reset within the first 20-30 seconds of the device booting up. I initially confused that powering on. I had my colleague power the device on and then after 20-30 seconds hit reset. This did nothing.

Upon further research I found the reset button needs to pressed within the first 20-30 seconds after the device has fully booted up. With this being the case, the sequence of events is as follows-

  • Unplug the power.
  • Watch and wait for the LEDs to start to blink (LAN, WAN and STA LEDs).
  • After about 5 seconds after the STA led blinks, press the small reset button at the back using a paper clip, keeping it pressed until you see the LEDs blink orange, then red.

  • At this stage, you can release the button.

Once this is performed you have manually factory-reset your Fortigate firewall!

No Comments Yet