Periodically a situation arises where the FortiSandbox needs to be accessed or the admin account's password needs to be changed but no one with the existing password is available. If you have physical access to the device and a few other tools, the password can be reset.
This procedure will require the reboot of the FortiSandbox unit.
You will need:
- Console cable
- Terminal software such as Putty.exe (Microsoft Windows) or Terminal (Mac OS X)
- Serial number of the FortiSandbox device
To reset the FortiSandbox password:
- Connect the computer to the FortiSandbox via the Console port on the back of the unit.
- Start a terminal emulation program on the management computer.
- Select the COM port and use the following settings:
Opento connect to the FortiSandbox CLI.
- The FortiSandbox should then respond with its name or hostname. (If it does not try pressing Enter.)
- Reboot the FortiSandbox using the power button.
- Wait for the FortiSandbox name and login prompt to appear.
- Type in the username: maintainer.
- The password is bcpb + the serial number of the firewall. (The letters of the serial number are in UPPERCASE format, Example: bcpbFSA3KD3R13000024.)
On the FortiSandbox 3000D, after the device boots, you have ten minutes to type in the username and password. You may opt to have the credentials ready in a text editor, and then copy and paste them into the login screen. There is no indicator of when your time runs out so it is possible that it might take more than one attempt to succeed.
- Now you should be connected to the FortiSandbox. To change the admin password, enter the following CLI commands:
- You can now proceed to log in to the FortiSandbox using admin and the password you set in the previous step.
The maintainer user can be disabled through CLI command