This article describes how to download and install firmware from a local TFTP server via the BIOS, under CLI control.
Caution: Installing firmware from a local TFTP server under console control will reset the FortiGate unit to factory default settings.
If possible, consider backing up the configuration before starting the TFTP server firmware upgrade.
Component:
- A null modem, or RJ-45 to DB9 console cable, supplied with the FortiGate unit.
- An Ethernet RJ45 cable
- A terminal client, such as a PC running HyperTerminal (Windows)
- A TFTP server (see below the recommended software)
Recommended TFTP software:
- Windows users
TFTPD32 - Open Source TFTP server for windows
[http://tftpd32.jounin.net/tftpd32.html]
3CDaemon V2 - 3com's TFTP server for windows
[http://support.3com.com/software/utilities_for_windows_32_bit.htm]
- Linux users:
Ubuntu 8.04 LTS, 8.10, 9.04 and 9.10
Fedora Core 9
Centos 5
tftpd-hpa
[http://freshmeat.net/projects/tftpd-hpa/]
-Mac OS X 10.5/10.6 users:
TFTP Server v 3.3.1
[http://ww2.unime.it/flr/tftpserver/]
Troubleshooting:
Once entering the firmware image name and pressing enter, the FortiGate unit MAC address appears and the '#' symbols indicate the progress of the install.
If the MAC address does not show up, check the network cable and connector to ensure they are firmly attached to the FortiGate unit.
If MAC address shows up and no '#' signs appear, check which port the network cable is in. Use the table above in step 2 to ensure it is in the right port.
Sample Console Output:
The following is an example of what the output from the console can look like. Depending on the FortiGate unit, this may vary slightly.
FortiGate-40C (12:29-05.08.2013)
Ver:04000009
Serial number: FGT40C123456789
CPU(00): 525MHz
Total RAM: 512MB
Initializing boot device...
Initializing MAC... nplite#0
Press any key to display configuration menu...
[G]: Get firmware image from TFTP server.
[F]: Format boot device.
[I]: Configuration and information.
[B]: Boot with backup firmware and set as default.
[Q]: Quit menu and continue to boot.
[H]: Display this list of options.
Enter G,F,I,B,Q,or H:
It will erase data in boot device. Continue? [yes/no]:yes
Formatting......... Done.
[G]: Get firmware image from TFTP server.
[F]: Format boot device.
[I]: Configuration and information.
[B]: Boot with backup firmware and set as default.
[Q]: Quit menu and continue to boot.
[H]: Display this list of options.
Enter G,F,I,B,Q,or H:
Please connect TFTP server to Ethernet port '5'.
Enter TFTP server address [192.168.1.168]: 192.168.0.5
Enter local address [192.168.1.188]: 192.168.0.6
Enter firmware image file name [image.out]: FGT_40C-v5-build0701-FORTINET.out
MAC:085B0E14BB3E
###################################
Total 37651242 bytes data downloaded.
Verifying the integrity of the firmware image.
Total 262144kB unzipped.
Save as Default firmware/Backup firmware/Run image without saving:[D/B/R]?D
Programming the boot device now.
..............................................................................................................................................................................................................
Reading boot image 1393286 bytes.
Initializing firewall...
System is starting...
Starting system maintenance...
Scanning /dev/sda2... (100%)
FGT40C123456789 login: