Reset a FortiGate Firewall to Factory Settings
A FortiGate firewall plays a crucial role in securing your network, but there are situations where you might need to reset it to factory settings. Whether you’re troubleshooting a critical issue, repurposing the device, or recovering from a misconfiguration, resetting the firewall restores it to its original state.
This guide covers the different methods to reset a FortiGate firewall, using both the Web GUI and CLI.
Why Reset a FortiGate Firewall?
There are several reasons why you may need to perform a factory reset on your FortiGate device:
- Misconfiguration Issues – If incorrect settings lock you out or cause connectivity problems, a reset can provide a fresh start.
- Forgotten Password – If you lose access to the admin account, a reset allows you to regain control.
- Device Repurposing – If you’re transferring the firewall to another network or user, resetting removes old configurations.
- Security Concerns – In case of a security breach, restoring the factory settings ensures a clean, safe environment.
Method and Steps to Reset a FortiGate Firewall
Pre-Reset Considerations
- Backup Your Configuration – Resetting your FortiGate firewall will erase all settings, including firewall policies, VPN configurations, and user accounts. If you need to restore settings later, create a backup. To do this, navigate to System > Maintenance > Backup & Restore and save a copy of your current configuration.
- Check Device Access – If you still have access to the Web GUI or CLI, resetting the device will be easier. However, if you’re locked out, you may need to use the reset button (if available) or reload the firmware.
- Understand the Consequences – A factory reset will remove all custom configurations and revert the device to default settings. The default IP address will be 192.168.1.99/24, and the default admin password will be empty (no password required).
- Network Downtime – The reset process will cause temporary network downtime. Plan accordingly if your FortiGate is actively managing critical network traffic.
Reset Methods
There are three main ways to reset a FortiGate firewall:
- Using the Web GUI – Ideal if you still have access to the firewall’s management interface.
- Using the CLI (Command Line Interface) – Useful when Web GUI access is unavailable or if you prefer a command-based reset.
- Reset Using the Reset Button – For Certain FortiGateModels
Method 1: Reset via Web GUI CLI Console
If you have access to the FortiGate Web GUI, follow these steps:
- Log in to the FortiGate Web Interface.
- Navigate to CLI Console.
- Type
execute factoryreset - Confirm the reset and wait for the device to reboot.
Note: This method erases all configurations and resets the admin password to default.
Method 2: Reset via CLI (Command Line Interface)
For users with CLI access, the reset process is straightforward:
Step 1. Connect to FortiGate using SSH or via the console port.
Step 2. Log in with your admin credentials.
Step 3. Run the following command:
execute factoryresetStep 4. Confirm the action when prompted.
Step 5. The device will reboot and restore factory settings.
Method 3: Reset Using the Reset Button (For Certain Models)
Some FortiGate models have a physical reset button. If your device includes this feature:
- Power off the FortiGate unit.
- Press and hold the RESET button.
- Power on the device while continuing to hold the button for 10–15 seconds.
- Release the button when the status LEDs indicate the reset process.
Conclusion
Resetting a FortiGate firewall to factory settings is useful for troubleshooting, security, or repurposing the device. Whether using the Web GUI, CLI, or reset button, always ensure you have a backup of important configurations before proceeding.
By following these steps, you can restore your FortiGate to a clean state and reconfigure it as needed.
If you are intereseted in my other Fortinet FortiGate topics please check the following link.
