Table of Contents
Advertisement
Upgrading firmware
Recovering from a failed upgrade
Firmware files have the format Model_Version_Date.sgu or Model_Version_Date_*.sgu.
Login to your PC with sufficient permissions to edit the server configuration files, and stop and start the
1
servers.
Place the recovery file (.sgr) in the BOOTP server's path and rename it image.bin. On Linux operating
2
systems, the path is usually /tftpboot. Verify the path in your tftp configuration file or the tftpd server
documentation. For example:
/tftpboot/image.bin
Note:
Due to a bug in the bootloader in some of the UTM Firewall appliance models (SG560, SG565, SG580),
the BOOTP filename argument may not work.You can try using the regular filename of the recovery file. If it
does not work, rename the .sgr file to "image.bin" as directed in
[TFTP upgrades only] If you intend to use the TFTP utility to flash the .sgu onto the appliance, place the
3
.sgu file into the BOOTP directory as well as the .sgr file.
Tip:
It is easier to use the HTTP flash upgrade in the Management Console. See
HTTP.
Edit your BOOTP server configuration to contain an entry for the appliance. Specify the recovery image
4
file (.sgr) as the file to boot. The entry may look something like the following:
host SG300 {
hardware ethernet 00:D0:CF:01:02:03;
filename "SG300-Recover_v1.0.2_20060224.sgr";
fixed-address 192.168.0.100;
}
Restart the BOOTP server.
5
Attach the UTM Firewall appliance's LAN port or first port of the UTM Firewall appliance's switch directly
6
to your PC using a straight cable.
Power off the appliance. Press and hold the erase button while powering the appliance on again; keep the
7
erase button held in for 5-10 seconds.
Note:
If you are recovering an SG560U, the LED lights on the unit will turn on in sequence while the erase
button is being held, starting with the power LED. Continue to hold the erase button until the sequence is
complete to proceed with the BOOTP server recovery. If the erase button is released at any time prior to the
completion of the 10 second LED sequence, the UTM Firewall device will reboot into the boot recovery image
(see
Recovery using the boot recovery
After 20–30 seconds, the appliance loads the file from the DHCP/BOOTP server and the H/B light begins
8
flashing.
Browse or telnet/ssh to your appliance and perform a flash upgrade as per usual to reprogram its flash
9
using the final firmware image (.sgu).
If the appliance is unreachable, but the
Note:
configuration. If this is the case, press the erase button twice within 3 seconds, 1 second apart to restore
the factory default configuration. Perform the network boot again.
Recovery using the boot recovery image
The SG560U UTM Firewall can also be booted into a recovery image (stored in the boot flash).
Note:
This procedure only applies to the SG560U UTM Firewall.
The UTM Firewall boot recovery image is a simplified version of the UTM Firewall firmware that contains a
GUI for use in diagnosing problems and recovering standard firmware.
To reboot the SG560U into the boot recovery image:
McAfee UTM Firewall 4.0.4 Administration Guide
image).
Heart Beat/H/B
Step
2.
Upgrading flash firmware via
light is flashing, it may be due to bad
381
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
