Table of Contents
Advertisement
Operating a FortiGate-7000
[I]: Set local IP address: A temporary IP address to be used to connect to the TFTP server. This
address must not be the same as the chassis management IP address and cannot conflict with other
addresses on your network
[S]: Set local Subnet Mask: Set as required for your network.
[G]: Set local gateway: Set as required for your network.
[V]: Local VLAN ID: Use -1 to clear the Local VLAN ID.
[T]: Set remote TFTP server IP address: The IP address of the TFTP server.
[F]: Set firmware image file name: The name of the firmware file to be installed.
12. Press Q to quit this menu.
13. Press R to review the configuration.
If you need to make any corrections, press C and make the changes as required. When the configuration is correct
proceed to the next step.
14. Press T to start the TFTP transfer.
The firmware image is uploaded from the TFTP server and installed on the FIM module which then reboots. When
it starts up the module's configuration is reset to factory defaults. The module's configuration is synchronized to
match the configuration of the primary module. The new module reboots again and can start processing traffic.
15. Verify that the configuration has been synchronized.
The following command output shows the sync status of the FIM modules in a FortiGate-7000 chassis. The field
in_sync=1 indicates that the configurations of the modules are synchronized.
diagnose sys confsync
status | grep in_sy
FIM04E3E16000080, Slave, uptime=177426.45, priority=2,
slot_id=1:2, idx=0, flag=0x0, in_sync=1
FIM10E3E16000063, Master, uptime=177415.38, priority=1,
slot_id=1:1, idx=1, flag=0x0, in_sync=1
If in_sync is not equal to 1 or if a module is missing in the command output you can try restarting the
modules in the chassis by entering execute reboot from any module CLI. If this does not solve the problem,
contact Fortinet support.
Uploading firmware from a TFTP server to an FPM module
Use the following steps to upload firmware from a TFTP server to an FPM module. This procedure requires
Ethernet connectivity between the TFTP server and one of the MGMT interfaces of one of the FIM modules in
the same chassis as the FPM module.
During this procedure, the FPM module will not be able to process traffic so, if possible, perform this procedure
when the network is not processing any traffic. However, the other FPM modules and the FIM modules in the
chassis should continue to operate normally and the chassis can continue processing traffic.
If you are operating an HA configuration, you should remove the chassis from the HA configuration before
performing this procedure.
1. Set up a TFTP server and copy the firmware file to be installed into the TFTP server default folder.
2. Set up your network to allow traffic between the TFTP server and a MGMT interface of one of the FIM modules in
the chassis that also includes the FPM module.
You can use any MGMT interface of either of the FIM modules. If the MGMT interface you are using is one of the
MGMT interfaces connected as a LAG to a switch you must shutdown or disconnect all of the other connections in
the LAG from the switch. This includes the MGMT interfaces in the other FIM module.
FortiGate-7000
Fortinet Technologies Inc.
Installing firmware on an FIM or FPM module from the BIOS using a TFTP server
48
Advertisement
Table of Contents
