Installing Fpm Firmware From The Bios After A Reboot - Fortinet FortiGate-7000E Series System Manual

Firmware upgrades
Installing FPM firmware from the BIOS after a reboot
Use the following procedure to upload firmware from a TFTP server to an FPM. To perform the upgrade, you must enter
a command from the primary FIM CLI to allow the FPM BIOS to communicate through an FIM MGMT interface. The
procedure involves creating a connection between the TFTP server and one of the FIM MGMT interfaces.
This procedure also involves connecting to the FPM CLI using a FortiGate-7000 front panel Management Module
console port, rebooting the FPM, interrupting the boot from the console session, and following FPM BIOS prompts to
install the firmware.
During this procedure, the FPM will not be able to process traffic. However, the other FPMs and the FIMs should
continue to operate normally.
After you verify that the FPM is running the right firmware, you must log back in to the primary FIM CLI and return the
FPM to normal operation.
1. Set up a TFTP server and copy the firmware file into the TFTP server default folder.
2. Log into to the primary FIM CLI and enter the following command:
diagnose load-balance switch set-compatible <slot> enable bios
Where <slot> is the number of the FortiGate-7000 slot containing the FPM to be upgraded.
3. Set up your network to allow traffic between the TFTP server and a MGMT interface of one of the FIMs.
You can use any MGMT interface of either of the FIMs. When you set up the FPM TFTP settings below, you select
the FIM that can connect to the TFTP server. If the MGMT interface you are using is one of the MGMT interfaces
connected as a LAG to a switch, you must shutdown or disconnect all of the other interfaces that are part of the
LAG from the switch. This includes MGMT interfaces from both FIMs
4. Using the console cable supplied with your FortiGate-7000, connect the management module Console 1 port on
the FortiGate-7000 to the RS-232 port on your management computer.
5. Start a terminal emulation program on the management computer. Use these settings:
Baud Rate (bps) 9600, Data bits 8, Parity None, Stop bits 1, and Flow Control None.
6. Press Ctrl-T to enter console switch mode.
7. Repeat pressing Ctrl-T until you have connected to the module to be updated. Example prompt:
<Switching to Console: FPM03 (9600)>
8. Optionally log into the FPM's CLI.
9. Reboot the FPM.
You can do this using the
FPM front panel.
10. When the FPM starts up, follow the boot process in the terminal session and press any key when prompted to
interrupt the boot process.
11. To set up the TFTP configuration, press C.
12. Use the BIOS menu to set the following. Change settings only if required.
[P]: Set image download port: FIM01 (the FIM that can communicate with the TFTP server).
[D]: Set DHCP mode: Disabled.
[I]: Set local IP address: The IP address of the MGMT interface of the selected FIM that you want to
use to connect to the TFTP server. This address must not be the same as the FortiGate-7000 management IP
address and cannot conflict with other addresses on your network.
[S]: Set local Subnet Mask : Set as required for your network.
[G]: Set local gateway : Set as required for your network.
FortiGate-7040E System Guide
execute reboot command from the FPM's CLI or by pressing the power switch on the
39
Fortinet Technologies Inc.