FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
kjamshir
Staff
Staff
Article Id 198660

Description

 

This article explains how to factory reset the configuration using the external reset button on low-end FortiGate models.


Scope

 

FortiGate 60E/61E-POE, FortiGate/FortiWiFi-60F/61F, FortiGate/FortiWiFi 40F, FortiGate-80F, FortiGate/FortiWifi 60C, and other small business models.


Solution


On some FortiGate, there is an external button:

 

  •  Low-end or small business models: FortiGate 60E/61E-POE, FortiGate/FortiWiFi 60F/61F, FG/FWF 40F, FortiGate-80F, FortiGate/FortiWifi 60C, this button labeled with 'RESET' on the Back Panel of the hardware.
  • When enabled (default state), resets the unit to its factory default settings if pressed during the first 30 or 60 seconds after a reboot.
  • In mid to high-end models, this button is not labeled and is NOT used to Factory Reset the FortiGate but is called the external NMI (non-maskable interrupt) watchdog feature. Refer to the following article Technical Tip: NMI Button for Troubleshooting Kernel Issues for more info.
  • This button is useful to be pressed when the FortiGate is at frozen status and not responding to management or pass-through traffic.
  • When pressing this button, it causes the software to dump registers/backtraces to the console. After the data is dumped, the device reboots. The output will be useful for TAC support to find the root cause of the frozen state.
  • To confirm the purpose of this external button on the FortiGate:

diagnose hardware test button

 

  • The output will show if it is used for Reset Button or NMI Button. It is possible to press 'N' to stop the test.
  • This article is about the models that support the RESET button. When pressed, the FortiGate configuration will be reset to the default factory configuration.
  • The location of the button is shown below.
 

  • The behavior of the reset button will depend also upon the firmware version that is being used. One of the options below will factory default the unit:
 
Option A.
 
  1.  Reboot FortiGate.
  • It should be noted that a power-cycle is required and that using the CLI command execute reboot may not be sufficient to enable the reset button.

  1. Wait until the FortiGate OS is running again.
  • The FortiGate OS is at the running stage when the 'STATUS'/'STA' LED is flashing. It means that the console prompts the login.

  1.  In the first 30 or 60 seconds press the external button which is used to Factory Reset the FortiGate.
  • The reset button can only be used in the first 30 or 60 seconds depending on the model after a power-cycle.
  • If the uptime of the unit is more than 30 or 60 seconds, the RESET button is disabled and when pressed the console output will prompt with the below message, and no action is taken if pressed at this stage.
FortiGate :                                                                                                                                                          
The reset button has been disabled, press the button during the first 60 seconds after a power-cycle.

  1. If the external button is pressed on time, the unit reboots, and the default configuration will be active.
 
Option B.
  1. The reset button can be pressed at any time and the unit will perform a factory reset.
  2. After the unit reboots the default configuration will be active in the same way as if the CLI command execute factoryreset had been used.