Fortinet 657 FortiWeb 5.0 Patch 6 Administration Guide
To reset the admin account’s password
1. Power off the FortiWeb appliance.
2. Find the serial number of the FortiWeb.
This is usually on the bottom of physical appliances. If you have previously registered the
appliance to associate it with your Fortinet Technical Support account, you can also retrieve
it from the web site.
3. On your computer, copy the serial number.
This is so that you are ready to quickly paste it into the terminal emulator. (Typing it slowly
may cause the login to time out.) The serial number is case sensitive.
4. While the appliance is shut down, connect the local console port of your appliance to your
computer.
5. On your management computer, start a terminal emulator such as PuTTY. For details, see
“To connect to the CLI using a local console connection” on page 74.
6. Power on the FortiWeb appliance.
Power on self-test (POST) and other messages should begin to appear in the console.
7. Between 15 - 30 seconds after the login prompt appears, immediately enter:
maintainer
then enter:
bcpb<serial-number_str>
where <serial-number_str> is the serial number. (If you have copied it, in PuTTY, you
can right-click to quickly paste it, instead of typing it in. This will prevent the login from
timing out.)
If you are successful, the CLI will welcome you, and you can then enter the following
commands to reset the admin account’s password:
config system admin
edit admin
set password <new-password_str>
end
exit
where <new-password_str> is the password for the administrator account named admin.
If you do not enter both the correct user name and the password within the correct time
frame, the console will display an error message:
The hashed password length is invalid
To attempt the login again, power cycle the appliance.
Data storage issuesIf FortiWeb cannot locally store any data such as logs, reports, and web site backups for
anti-defacement, it might have a damaged or corrupted hard disk. For fixes, see “Hard disk
corruption or failure” on page 658.
To do this, you must either have direct physical, local access to the appliance, or have
connected it to your terminal server which serves as an aggregator for direct physical accesses.
For security reasons, this cannot be done via the web UI nor via CLI through the Ethernet
network adapters.