Connect via the Console Cable

The console cable is the safety net. When the FortiGate is unreachable on the network — wrong config locked you out, firmware bricked, factory reset needed — the serial console always works. Every FortiGate ships with a console port (RJ-45 or USB-C depending on model).

Before You Start

• A console cable. FortiGate ships with a Cisco-style RJ-45 → DB9 serial cable. You'll usually need a USB → DB9 adapter to plug into a laptop (DB9 serial is rare on modern PCs).
• Newer models (60F, 80F, 100F) have a USB-C console port — use any USB-C cable.
• A terminal program: PuTTY (Windows), Tera Term (Windows), screen / minicom (Linux/Mac).

Serial Settings (Memorize These)

Every FortiGate console uses:

• Speed: 9600 baud
• Data bits: 8
• Parity: None
• Stop bits: 1
• Flow control: None

Often shortened as 9600 8N1 no flow control.

Steps

Physical connection

1. Plug the cable into the FortiGate's CONSOLE port (clearly labeled).
2. Plug the other end into your laptop (via USB→serial adapter if needed).
3. Note the COM port (Windows: Device Manager → Ports; Mac/Linux: ls /dev/tty.usb* or /dev/ttyUSB*).

Connect

Windows (PuTTY):

1. Open PuTTY.
2. Connection type: Serial.
3. Serial line: your COM port (e.g. COM3).
4. Speed: 9600.
5. Click Open.

Mac/Linux (screen):

screen /dev/tty.usbserial-XXXX 9600
# Or on Linux:
screen /dev/ttyUSB0 9600
# Exit screen: Ctrl-A then K then y

Log in

Press Enter once or twice. You should see the FortiGate login prompt:

FGT60E login:

Enter admin and your password. You're at the CLI.

When the Console Is Your Only Option

• Locked out — wrong admin password, no MFA backup. From console, log in with default admin (if password unknown, you'll need to do a Factory Reset).
• Network config broke — assigned wrong IP to management interface, deleted the wrong VLAN, etc. Fix via console without depending on the network.
• Firmware install / recovery — TFTP firmware load from boot menu requires console access.
• No GUI / unit appears dead — console shows boot messages and any panics, even when network is down.

Boot Menu

Power-cycle the FortiGate while connected via console. Watch for messages like:

Press any key to display configuration menu.....

Press any key during the brief window. You get the BIOS boot menu:

[B]: Boot with backup firmware and set as default.
[Q]: Quit menu and continue to boot with default firmware.
[I]: System information.
[H]: Display this list of options.

The full menu (varies by model) lets you: - Boot the backup partition (when current firmware is broken). - Load firmware from TFTP (firmware recovery). - Format the boot device (full factory wipe).

Common Issues

• Connected but no output. Wrong baud (must be 9600). Wrong COM port. Cable in wrong port. Try unplug/replug.
• Garbled characters. Baud mismatch — usually you've set 115200 by mistake.
• Output is one-way (you see boot messages but typing doesn't work). Flow control set wrong — disable XON/XOFF and RTS/CTS in the terminal app.
• No driver for USB→serial adapter. Common with cheap adapters. Install the CH340 / PL2303 / FTDI driver from the chip manufacturer.

Related Pages

• Factory Reset
• Roll Back a Firmware Upgrade
• Locked Out of Admin GUI