Description
This article describes the steps to take on a managed FortiSwitch or standalone FortiSwitch to disable console access.
Scope
FortiSwitch 7.2.0 or above.
Solution
On a managed FortiSwitch, the console access on FortiSwitch can be disabled as follows:
On FortiGate:
config switch-controller switch-profile
edit {default | <FortiSwitch_profile_name>} <- Default will apply the configuration for all managed FortiSwitches.
set login disable <- Enabled by default.
end
On Standalone FortiSwitch the configuration is almost the same:
config system console
set login disable
end
After these configurations, no user would be able to log into FortiSwitch using the console port. Note that only performing a factory reset to the device or enabling the access back through SSH or Telnet would make it possible to access the FortiSwitch using the console port.
