Sometimes you will need to re-image a Fortigate device if you suspect that there is a corruption with the image, or if you get CRC errors upon bootup. All you need is a computer with a network card, a console cable, a TFTP program and a network cable.
Firstly this can only be done via the console port. You’ll need to give a static IP address to your computer (for this example we’ll use 192.168.1.1).
Next download and install a TFTP server on your computer; I recommend installing PumpKIN which is a free lightweight TFTP server/client.
Connect to the unit via console (9600 baud) and reboot it; you will get the following output:
FWF30B (16:08-05.13.2009)
Ver:04000002
Serial number:FWF30B3G09003524
RAM activation
Total RAM: 128MB
Enabling cache...Done.
Scanning PCI bus...Done.
Allocating PCI resources...Done.
Enabling PCI resources...Done.
Zeroing IRQ settings...Done.
Verifying PIRQ tables...Done.
Enabling Interrupts...Done.
Boot up, boot device capacity: 64MB.
Press any key to display configuration menu...
...
You need to quickly press any key (like spacebar) to disrupt to boot up process. When you have you'll be displayed the following options:
[G]: Get firmware image from TFTP server.
[F]: Format boot device.
[I]: Configuration and information.
[Q]: Quit menu and continue to boot with default firmware.
[H]: Display this list of options.
Enter Selection [G]:
Enter G,F,I,Q,or H:
Type G to reimage the device. You will then be displayed the following screens. Here it will tell you what network port to plug your computer into the Fortigate, as well as asking you whats the IP address you've given to your computer, what you want the Fortigate to has and what the image name is. I've bolded what I've used for this example:
Please connect TFTP server to Ethernet port "4".
Enter TFTP server address [192.168.1.168]: 192.168.1.1
Enter local address [192.168.1.188]: 192.168.1.2
Enter firmware image file name [image.out]: fwf30b.out
Once this is done the device will upload the image and reboot. You'll see the following screens, which can take upto 3 minutes to complete.
MAC:00090FC7FCEC ##############
Total 15529163 bytes data downloaded.
Verifying the integrity of the firmware image.
Total 28288kB unzipped.
Save as Default firmware/Run image without saving:[D/R]?d
Programming the boot device now.
...........................
Reading boot image 1553766 bytes.
Initializing firewall...
System is started.
Once this is done you'll be presented with a login screen, where the default username password is in effect (ie: u: admin, and no password).
FWF30B3G09003524 login: admin
Password:
Welcome !
FWF30B3G09003524 #
Firstly this can only be done via the console port. You’ll need to give a static IP address to your computer (for this example we’ll use 192.168.1.1).
Next download and install a TFTP server on your computer; I recommend installing PumpKIN which is a free lightweight TFTP server/client.
Connect to the unit via console (9600 baud) and reboot it; you will get the following output:
FWF30B (16:08-05.13.2009)
Ver:04000002
Serial number:FWF30B3G09003524
RAM activation
Total RAM: 128MB
Enabling cache...Done.
Scanning PCI bus...Done.
Allocating PCI resources...Done.
Enabling PCI resources...Done.
Zeroing IRQ settings...Done.
Verifying PIRQ tables...Done.
Enabling Interrupts...Done.
Boot up, boot device capacity: 64MB.
Press any key to display configuration menu...
...
You need to quickly press any key (like spacebar) to disrupt to boot up process. When you have you'll be displayed the following options:
[G]: Get firmware image from TFTP server.
[F]: Format boot device.
[I]: Configuration and information.
[Q]: Quit menu and continue to boot with default firmware.
[H]: Display this list of options.
Enter Selection [G]:
Enter G,F,I,Q,or H:
Type G to reimage the device. You will then be displayed the following screens. Here it will tell you what network port to plug your computer into the Fortigate, as well as asking you whats the IP address you've given to your computer, what you want the Fortigate to has and what the image name is. I've bolded what I've used for this example:
Please connect TFTP server to Ethernet port "4".
Enter TFTP server address [192.168.1.168]: 192.168.1.1
Enter local address [192.168.1.188]: 192.168.1.2
Enter firmware image file name [image.out]: fwf30b.out
Once this is done the device will upload the image and reboot. You'll see the following screens, which can take upto 3 minutes to complete.
MAC:00090FC7FCEC ##############
Total 15529163 bytes data downloaded.
Verifying the integrity of the firmware image.
Total 28288kB unzipped.
Save as Default firmware/Run image without saving:[D/R]?d
Programming the boot device now.
...........................
Reading boot image 1553766 bytes.
Initializing firewall...
System is started.
Once this is done you'll be presented with a login screen, where the default username password is in effect (ie: u: admin, and no password).
FWF30B3G09003524 login: admin
Password:
Welcome !
FWF30B3G09003524 #
No comments:
Post a Comment