Firmware upgrades
Fortinet Technologies Inc.
You can use any MGMT interface of either of the FIMs. When you set up the FPM TFTP settings below, you select
the FIM that can connect to the TFTP server. If the MGMT interface you are using is one of the MGMT interfaces
connected as a LAG to a switch, you must shutdown or disconnect all of the other interfaces that are part of the LAG
from the switch. This includes MGMT interfaces from both FIMs
4.
Using the console cable supplied with your FortiGate-7000F, connect the SMM Console 1 port on the FortiGate-
7000F to the USB port on your management computer.
5.
Start a terminal emulation program on the management computer. Use these settings:
Baud Rate (bps) 9600, Data bits 8, Parity None, Stop bits 1, and Flow Control None.
6.
Press Ctrl-T to enter console switch mode.
7.
Repeat pressing Ctrl-T until you have connected to the module to be updated. Example prompt:
<Switching to Console: FPM03 (9600)>
8.
Optionally log into the FPM's CLI.
9.
Reboot the FPM.
You can do this using the
execute reboot
command from the FPM's CLI or by pressing the power switch on the
FPM front panel.
10.
When the FPM starts up, follow the boot process in the terminal session and press any key when prompted to
interrupt the boot process.
11.
To set up the TFTP configuration, press C.
12.
Use the BIOS menu to set the following. Change settings only if required.
[P]: Set image download port:
FIM01 (the FIM that can communicate with the TFTP server).
[D]: Set DHCP mode:
Disabled.
[I]: Set local IP address:
The IP address of the MGMT interface of the selected FIM that you want to use
to connect to the TFTP server. This address must not be the same as the FortiGate-7000F management IP address
and cannot conflict with other addresses on your network.
[S]: Set local Subnet Mask
: Set as required for your network.
[G]: Set local gateway
: Set as required for your network.
[V]: Local VLAN ID
: Should be set to
<none>
. (use -1 to set the Local VLAN ID to
<none>
.)
[T]: Set remote TFTP server IP address
: The IP address of the TFTP server.
[F]: Set firmware image file name
: The name of the firmware image file that you want to install.
13.
To quit this menu, press Q.
14.
To review the configuration, press R.
To make corrections, press C and make the changes as required. When the configuration is correct proceed to the
next step.
15.
To start the TFTP transfer, press T.
The firmware image is uploaded from the TFTP server and installed on the FPM. The FPM then restarts with its
configuration reset to factory defaults. After restarting, the FPM configuration is synchronized to match the
configuration of the primary FPM. The FPM restarts again and can start processing traffic.
16.
Once the FPM restarts, verify that the correct firmware is installed.
You can do this from the FPM GUI dashboard or from the FPM CLI using the
get system status
command.
17.
Enter the
diagnose sys confsync status | grep in_sy
command to verify that the configuration has
been synchronized. The field
in_sync=1
indicates that the configurations of the FIMs and FPMs are synchronized.
FIMs and FPMs that are missing or that show
in_sync=0
are not synchronized. To synchronize an FIM or FPM
that is not synchronized, log into the CLI of the FIM or FPM and restart it using the
execute reboot
command . If
this does not solve the problem, contact Fortinet Support at
.
FortiGate-7121F System Guide
42