Fortinet FortiGate 4000 User Manual

Page 106

Advertising
background image

106

Fortinet Inc.

Changing the FortiGate firmware

System status

If you are reverting to a previous FortiOS version (for example, reverting from FortiOS
v2.50 to FortiOS v2.36) you might not be able to restore your previous configuration
from the backup configuration file.

To use the following procedure you must have a TFTP server that the FortiGate unit
can connect to.

To revert to a previous firmware version using the CLI

1

Make sure that the TFTP server is running.

2

Copy the new firmware image file to the root directory of the TFTP server.

3

Log into the FortiGate CLI as the admin administrative user.

4

Make sure the FortiGate unit can connect to the TFTP server.
You can use the following command to ping the computer running the TFTP server.
For example, if the TFTP server's IP address is 192.168.1.168:
execute ping 192.168.1.168

5

Enter the following command to copy the firmware image from the TFTP server to the
FortiGate unit:
execute restore image <name_str> <tftp_ip>
Where <name_str> is the name of the firmware image file on the TFTP server and
<tftp_ip> is the IP address of the TFTP server. For example, if the firmware image

file name is FGT_300-v250-build045-FORTINET.out and the IP address of the

TFTP server is 192.168.1.168, enter:

execute restore image FGT_300-v250-build045-FORTINET.out
192.168.1.168
The FortiGate unit uploads the firmware image file. After the file uploads, a message
similar to the following is displayed:
Get image from tftp server OK.
This operation will downgrade the current firmware version!
Do you want to continue? (y/n)

6

Type Y.

7

The FortiGate unit reverts to the old firmware version, resets the configuration to
factory defaults, and restarts. This process takes a few minutes.

8

Reconnect to the CLI.
For information about logging into the CLI when the FortiGate unit is set to factory
defaults, see

“Connecting to the Command Line Interface (CLI)” on page 47

.

9

To confirm that the new firmware image has been loaded, enter:
get system status

10

Restore your previous configuration. Use the following command:
execute restore config

Note: Installing firmware replaces the current antivirus and attack definitions with the definitions
included with the firmware release that you are installing. After you install new firmware, use the
procedure

“Manually initiating antivirus and attack definitions updates” on page 125

to make

sure that antivirus and attack definitions are up to date. You can also use the CLI command

execute updatecenter updatenow

to update the antivirus and attack definitions.

Advertising
Popular Brands
Popular manuals