Wipe a Fortinet FortiGate Firewall – Delete All Logs and Configuration

On occasion, I have found that I have the need to not only wipe a Fortinet FortiGate Firewall’s configuration, settings, and logs, but to actually verify that the contents of the logs were wiped out. The script below will allow you to do this.

I would recommend using PuTTY with logging enabled to document your progress. With some modification this may work on other Fortinet devices. Note that you will have to modify the script to add any custom VDOMs you may have on your device.

I would highly recommend backing up your configuration and any logs that you need to retain, as I know of no way to undo this. Use the following script at your own risk!

#Fortinet Device wipe - Supports CTAP Units
#Version: 1.02
#Update: 2018-11-06
#Notes: For systems without VDOMs enabled,
#the config lines will produce an error, however

Mapped Drives Not Showing in Windows

Do you have a script that maps drive letters to different network attached storage (NAS) locations on Windows machines? Are those mapped drives not showing up under This PC or My Computer in the Windows GUI? If you run:

net use

The drives show up. You can even test connectivity by running:

cd t:
echo "test text" > testfile.txt

Unfortunately the drives still don’t show up within the GUI.

The solution in my case was to first remove all mappings by running:

net use /delete *
net use

The second command is used to confirm there are no mappings. It is best to now reboot your computer and prevent the mapping script from running.

After rebooting, use the Windows GUI (This PC, My Computer, File Explorer, etc.) to browse to your network location by typing \\storagelocation in the address bar (this can even be the IP of the device). Map the first drive manually by right-clicking the folder you want and clicking Map Network Drive. Follow the prompts and make sure the drive shows up. This may vary a little depending on whether you are on Windows 7, Windows 8, Windows 10, Windows Server 2012, etc. If the drive still doesn’t show up, you may want to check some of the other solutions below. You can now continue running the rest of your network mapping script.

Another interesting oddity I found on a freshly installed Windows 10 box… If you run the net use commands from PowerShell using the Windows PowerShell (Admin) link or by right-clicking and running PowerShell as Administrator, those connected drives are not available to Windows via the GUI!

Other suggested solutions found around the web:

  • Uncheck “Hide empty drives”
    • Click Start, type Folder Options, and press Enter
    • Click the View tab
    • Uncheck Hide empty drives in the Computer folder
  • Check Group Policies
  • Check the Registry
    • Browse to: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
      • If the NoDrives value is listed, back it up and then delete it
      • Note that this is the same as modifying the Group Policy
  • Check your security software
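
A read-only way to check several of the causes above in one pass, as an added example that is not part of the original post. It reports whether the current PowerShell session is elevated (elevated and non-elevated sessions are separate logon sessions with separate drive mappings), lists the network drives that session can see, and decodes the NoDrives bitmask. The HKLM policy path and the HideDrivesWithNoMedia value are not mentioned in the post; they are the machine-wide policy location and the registry value behind the "Hide empty drives" checkbox.

```powershell
# Added example: read-only checks for the causes listed above. Changes nothing.

# 1. Is this session elevated? Drives mapped from an elevated prompt belong to a
#    different logon session than the one Explorer runs in.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
$elevated  = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
"Session elevated: $elevated"

# 2. Network drives (DriveType 4) visible to this session.
$mapped = @(Get-CimInstance -ClassName Win32_LogicalDisk -Filter 'DriveType = 4')
if ($mapped) { $mapped | ForEach-Object { "Mapped: $($_.DeviceID) -> $($_.ProviderName)" } }
else { 'Mapped: none in this session' }

# 3. NoDrives policy bitmask: bit 0 hides A:, bit 1 hides B:, ... bit 25 hides Z:.
function Get-HiddenDriveLetters([long]$Mask) {
    foreach ($i in 0..25) {
        if ($Mask -band ([long]1 -shl $i)) { [string][char](65 + $i) }
    }
}

# HKCU is the path from the post; HKLM is the machine-wide counterpart (not in the post).
$policyPaths = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer',
               'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'
foreach ($path in $policyPaths) {
    $prop = Get-ItemProperty -Path $path -Name NoDrives -ErrorAction SilentlyContinue
    if ($null -eq $prop) { "${path}: NoDrives not set"; continue }
    $hidden = @(Get-HiddenDriveLetters $prop.NoDrives)
    "${path}: NoDrives = $($prop.NoDrives), hides: $($hidden -join ' ')"
    # Flag any mapped drive whose letter is covered by the mask.
    $mapped | Where-Object { $hidden -contains $_.DeviceID.Substring(0, 1) } |
        ForEach-Object { "  -> mapped drive $($_.DeviceID) is hidden by this policy" }
}

# 4. "Hide empty drives" Folder Options checkbox (1 = checked).
$advPath = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'
$adv = Get-ItemProperty -Path $advPath -Name HideDrivesWithNoMedia -ErrorAction SilentlyContinue
"Hide empty drives: $(if ($adv) { $adv.HideDrivesWithNoMedia } else { 'not set' })"
```

Run it once from a normal PowerShell window and once from an elevated one; a drive listed only in the elevated run was mapped in the elevated session.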