Reset Fortigate firewall without console cable
I got a call today from a colleague who was onsite and needed to factory reset a Fortigate 60E but didn't have a serial to USB cable. I immediately thought of how often I take having a console cable and serial to USB cable for granted.
If you have the proper tools, performing a factory reset is pretty straightforward:
- Log in via SSH
- Enter the following command and confirm
This operation will reset the system to factory default!
Do you want to continue? (y/n)
After that the system will reboot and you're set. In this case, we didn't have the luxury of the console. I naturally told him to press the reset button. He told me he had tried that and it did not work.
I did some quick research on this and I landed on a forum post where someone mentioned that the firewall has to be reset within the first 20-30 seconds of the device booting up. I initially confused that with powering on. I had my colleague power the device on and then after 20-30 seconds hit reset. This did nothing.
Upon further research I found the reset button needs to be pressed within the first 20-30 seconds after the device has fully booted up. With this being the case, the sequence of events is as follows:
- Unplug the power.
- Watch and wait for the LEDs to start to blink (LAN, WAN and STA LEDs).
- About 5 seconds after the STA LED blinks, press the small reset button at the back using a paper clip, keeping it pressed until you see the LEDs blink orange, then red.
- At this stage, you can release the button.
Once this is performed you have manually factory-reset your Fortigate firewall!