Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Evripos
New Contributor

FGT 60e Cannot Connect to it

Hi.

I purchased a Fortigate 60e about two weeks ago.  All this time I've tried everything to perform an initial login to the device, but with no luck.  I have used four different web explorers (Mozilla  63.0.3, Chrome 70.0.3538.102, Internet Explorer 11.0.96, and Opera 56.0.3051.104).  I always get the same error, SSL_ERROR_NO_CYPHER_OVERLAP.  I have tried using a different cipher such as TLS 1.0, TLS 1.1 and TLS 1.2 with no success.  My current setup is: ASUS laptop connected via ethernet to FGT's Port 1 with the static IP address 192.168.1.2, netmask 255.255.255.0 and default gateway 192.168.1.99.

I contacted customer support yesterday and opened up a ticket to no avail.  I was told that they had no idea why I wasn't getting connected with the above setup.  I was told that the unit was shipped with a later firmware which should have support for TLS 1.2.  Since nothing worked, I was told to connect via the console with a USB to ethernet cable.  I did get this cable this morning but with no luck.  The FortiExplorer application is not picking up at all my FGT.  I later read at https://www.andovercg.com...tinet-fortigate-60.pdf that the Console ethernet port does not connect to a USB but rather to a serial port.  I'm wordering why the customer service operator told me that the USB to Ethernet setup would have worked.

I forgot to mention that last night I tried to login via the FortiCloud.  That did not work either.

Any help would be greatly appreciated.

Thank you,

 

Yanni

5 REPLIES 5
Evripos
New Contributor

Updating my previous post.

 

From some online reading I found that the Fortigate 60e is using a self-signed Certificate.  Since the encrypting protocol is having problems with the current browsers, thus I cannot connect to its Web-GUI, is there a way for someone to download this certificate and import it manually into his allowed/trusted certificates folder?

 

Thank you,

 

Yanni

Sunil_Panchal_NSE7

Dear friend ,

      the device you have is totally new, then you must not have any issue.

please can you attach the screenshot to understand the situation better.

by default fortigate will open at port 80,443 with certificate warning .

from console cable you will be able to access device with out any issue .

try serial to usb cable and open the device and then format the device if you still have issue.

 

please attach the screenshot to seen the issue .

 

best regards

ede_pfau
Esteemed Contributor III

hi,

 

in order to log in I would recommend to use the console port first, then check the config and then log in via browser. The console port is a serial port with parameters 9600,8,N,1 (or 19200,8,N,1).

 

There is a console cable RJ45-to-DB9 included in the original package. Connect the DB9 end to a USB-to-serial plug (which you would have to get first). I've heard that a StarTech would work fine but I'm sure others do as well.

 

The application to use with the serial port is a terminal emulation. I use HyperTerm which was included in older Windows editions. There is a Private Ed. available from Hilgraeve which has more features and runs in Win7, Win10.

 

Using this, you will get a command line. Enter "admin" as username, and no password. Once you've connected we'll see further. I would start with "exec factoryreset".


Ede

"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
Evripos

Update.

 

Today, 11/25/2018, I was able to connect to my Fortigate 60e via Mozilla.  I changed the port from :24 to :80 and that did the trick.  I got the idea after reading Sunil's message.  It did give me the option to accept the self-signed security certificate which I did accept and saved.

I would consider my issue resolved at this point.  Thank you all for your messages.

 

Yanni

ede_pfau
Esteemed Contributor III

Glad you solved it.

Really, port 24? What's that for? Or from? It's not even a "well known port"...


Ede

"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
Labels
Top Kudoed Authors