I bought an used Fortigate 50B firewall and didn’t get the admin password nor the console cable with it. It has a serial RJ-45 connector and I made a RJ-45 to RS-232 converter from a LAN cable (There are two wiring standards for the RJ-45 jacks and plugs, T568A and T568B).

 

RJ-45 to RS-232 pinout


 

DB9  RJ-45
 2     3(green/white)
 3     6(green)
 5     5(blue/white)

DB9 pins 2/3(TxD/RxD) may need to be swapped if you use a null-modem cable.

 

Console Settings:
Baud Rate (bps): 9600
Data bits: 8
Parity: None
Stop bits: 1
Flow Control: None

 

Resetting Password:
With the cable attached, and console connected, reboot the firewall.
When the logon prompt appears, type in “maintainer” as username. Use bcpb and the serial number of the firewall as password.

Example:
Serial number is FGT50B12345ABCDE, then the password would be bcpbFGT50B12345ABCDE.

* Use UPPERCASE letters in the serial number.
* You have only 14 seconds or less to type in the username/password on some devices. Rebooting the device resets timer.
* For security reasons the maintainer feature can be disabled. If you are greeted with “PASSWORD RECOVERY FUNCTIONALITY IS DISABLED”, you are unfortunately out of luck.

 

Set a new password from CLI:
config system admin
edit admin
set password yournewpasswordhere
end