Description
This article describes how to do HQIP test precisely.
Solution
- Schedule a maintenance window and take a configuration backup.
- Prepare a TFTP server and HQIP image for FortiGate.
- Tftpd64 can be downloaded from pjo2.github.io/tftpd64
- HQIP image can be downloaded from support.fortinet.com
Go to Download –> HQIP Images and enter the serial number.
3. Save the HQIP image.
4. Run the TFTP server and configure the 'Current Directory' field where the HQIP image is located.
4. Run the TFTP server and configure the 'Current Directory' field where the HQIP image is located.
5. Configure the network of the PC.
For example 192.168.1.100 / 255.255.255.0
6. Connect the PC to FortiGate via the console port.
7. If connected to FortiGate, run the CLI command 'execute reboot' to reboot the FortiGate.
8. When 'Please wait for OS to boot, or press any key to display configuration menu' appears during booting-up, enter the 'C' key to configure TFTP parameters.
For example 192.168.1.100 / 255.255.255.0
6. Connect the PC to FortiGate via the console port.
7. If connected to FortiGate, run the CLI command 'execute reboot' to reboot the FortiGate.
8. When 'Please wait for OS to boot, or press any key to display configuration menu' appears during booting-up, enter the 'C' key to configure TFTP parameters.
FortiGate-60D (11:46-03.16.2016)
Ver:05000002
Serial number: FGT60D4Q16-----6
CPU(00): 800MHz
Total RAM: 2GB
Initializing boot device...
Initializing MAC... nplite#0
Please wait for OS to boot, or press any key to display configuration menu
[C]: Configure TFTP parameters.
[R]: Review TFTP parameters.
[T]: Initiate TFTP firmware transfer.
[F]: Format boot device.
[I]: System information.
[B]: Boot with backup firmware and set as default.
[Q]: Quit menu and continue to boot.
[H]: Display this list of options.
Enter C,R,T,F,I,B,Q,or H: C
Ver:05000002
Serial number: FGT60D4Q16-----6
CPU(00): 800MHz
Total RAM: 2GB
Initializing boot device...
Initializing MAC... nplite#0
Please wait for OS to boot, or press any key to display configuration menu
[C]: Configure TFTP parameters.
[R]: Review TFTP parameters.
[T]: Initiate TFTP firmware transfer.
[F]: Format boot device.
[I]: System information.
[B]: Boot with backup firmware and set as default.
[Q]: Quit menu and continue to boot.
[H]: Display this list of options.
Enter C,R,T,F,I,B,Q,or H: C
9. Following menus are here to configure TFTP parameters :
[P]: Set firmware download port.
[D]: Set DHCP mode.
[I]: Set local IP address.
[S]: Set local subnet mask.
[G]: Set local gateway.
[V]: Set local VLAN ID.
[T]: Set remote TFTP server IP address.
[F]: Set firmware file name.
[E]: Reset TFTP parameters to factory defaults.
[R]: Review TFTP parameters.
[N]: Diagnose networking(ping).
[Q]: Quit this menu.
[H]: Display this list of options.10) Enter the 'P' key to set the firmware download port of the FortiGate.
[D]: Set DHCP mode.
[I]: Set local IP address.
[S]: Set local subnet mask.
[G]: Set local gateway.
[V]: Set local VLAN ID.
[T]: Set remote TFTP server IP address.
[F]: Set firmware file name.
[E]: Reset TFTP parameters to factory defaults.
[R]: Review TFTP parameters.
[N]: Diagnose networking(ping).
[Q]: Quit this menu.
[H]: Display this list of options.10) Enter the 'P' key to set the firmware download port of the FortiGate.
Enter P,D,I,S,G,V,T,F,E,R,N,Q,or H: P
[0]: Any of port 1 - 7
[1]: WAN1
[2]: WAN2
Enter image download port number [WAN1]: 1 <------( Press number wanted ).
[0]: Any of port 1 - 7
[1]: WAN1
[2]: WAN2
Enter image download port number [WAN1]: 1 <------( Press number wanted ).
11. Enter 'I' to set the local IP address for FortiGate WAN1.
Enter P,D,I,S,G,V,T,F,E,R,N,Q,or H: I
Enter local IP address [192.168.1.1]: Press “Enter” key to use 192.168.1.1 as an IP for FGT’s WAN112) Enter 'S' to set the local subnet mask for FortiGate WAN1.
Enter local IP address [192.168.1.1]: Press “Enter” key to use 192.168.1.1 as an IP for FGT’s WAN112) Enter 'S' to set the local subnet mask for FortiGate WAN1.
Enter P,D,I,S,G,V,T,F,E,R,N,Q,or H: S
Enter local subnet mask [255.255.255.0]: Press “Enter” key to use 255.255.255.0 as a subnet for FGT’s WAN113) Enter 'T' to set the remote TFTP server IP address for the PC.
Enter local subnet mask [255.255.255.0]: Press “Enter” key to use 255.255.255.0 as a subnet for FGT’s WAN113) Enter 'T' to set the remote TFTP server IP address for the PC.
Enter P,D,I,S,G,V,T,F,E,R,N,Q,or H: T
Enter remote TFTP server IP address [192.168.1.100]: Press “Enter” key to use 192.168.1.100 as a PC IP.14) Enter 'F' to set the firmware file name which is the name of the HQIP image downloaded previously.
Enter remote TFTP server IP address [192.168.1.100]: Press “Enter” key to use 192.168.1.100 as a PC IP.14) Enter 'F' to set the firmware file name which is the name of the HQIP image downloaded previously.
Enter P,D,I,S,G,V,T,F,E,R,N,Q,or H: F
Enter firmware file name [FGT_60D-HQIP.2.5.0.1035.OUT]: FGT_60D-HQIP.2.5.0.1035.OUT
...done15) Enter 'R' to review the TFTP parameters configured.
Enter firmware file name [FGT_60D-HQIP.2.5.0.1035.OUT]: FGT_60D-HQIP.2.5.0.1035.OUT
...done15) Enter 'R' to review the TFTP parameters configured.
Enter P,D,I,S,G,V,T,F,E,R,N,Q,or H: R
Image download port: WAN1
DHCP status: Disabled
Local VLAN ID: <NULL>
Local IP address: 192.168.1.1
Local subnet mask: 255.255.255.0
Local gateway: 192.168.1.254
TFTP server IP address: 192.168.1.100
Firmware file name: FGT_60D-HQIP.2.5.0.1035.OUT16) Enter 'N' to diagnose networking between FortiGate and TFTP server.
Image download port: WAN1
DHCP status: Disabled
Local VLAN ID: <NULL>
Local IP address: 192.168.1.1
Local subnet mask: 255.255.255.0
Local gateway: 192.168.1.254
TFTP server IP address: 192.168.1.100
Firmware file name: FGT_60D-HQIP.2.5.0.1035.OUT16) Enter 'N' to diagnose networking between FortiGate and TFTP server.
Enter P,D,I,S,G,V,T,F,E,R,N,Q,or H: N
[1]: Ping remote TFTP server.
[2]: Ping gateway.
[3]: Ping specified IP address.
[Q]: Quit this menu.
[H]: Display this list of options.17) Enter '1' to ping from FortiGate to the TFTP server.
[1]: Ping remote TFTP server.
[2]: Ping gateway.
[3]: Ping specified IP address.
[Q]: Quit this menu.
[H]: Display this list of options.17) Enter '1' to ping from FortiGate to the TFTP server.
Enter 1,2,3,Q,or H: 1
Ping#1: Host 192.168.1.100 is reachable.
Ping#2: Host 192.168.1.100 is reachable.
Ping#3: Host 192.168.1.100 is reachable.
Ping#4: Host 192.168.1.100 is reachable.18) Enter 'Q' to quit this menu and go to the upper menu.
Ping#1: Host 192.168.1.100 is reachable.
Ping#2: Host 192.168.1.100 is reachable.
Ping#3: Host 192.168.1.100 is reachable.
Ping#4: Host 192.168.1.100 is reachable.18) Enter 'Q' to quit this menu and go to the upper menu.
Enter 1,2,3,Q,or H: Q
Enter P,D,I,S,G,V,T,F,E,R,N,Q,or H: Q19) Enter 'G' to transfer the HQIP image from the TFTP server to FortiGate.
Enter P,D,I,S,G,V,T,F,E,R,N,Q,or H: Q19) Enter 'G' to transfer the HQIP image from the TFTP server to FortiGate.
Enter C,R,T,F,I,B,Q,or H: G20) Do the following steps to complete the transfer.
Connect the TFTP server to the Ethernet port 'WAN1'.
Enter TFTP server address [192.168.1.100]: Press “Enter” key
Enter local address [192.168.1.1]: Press “Enter” key
Enter firmware image file name [image.out]: FGT_60D-HQIP.2.5.0.1035.OUT
MAC: 90:6c:ac:c0:67:6a
Connect to tftp server 192.168.1.100 ...
#############################################################
Image Received.
Checking image... OK
Save as Default firmware/Backup firmware/Run image without saving:[D/B/R]? D
Programming the boot device now.
.................................................................................................................................
Booting OS...
Reading boot image... 1829759 bytes.
Initializing firewall...
System is starting...21) When FortiGate turns up, log in to FortiGate with credentials.
Enter local address [192.168.1.1]: Press “Enter” key
Enter firmware image file name [image.out]: FGT_60D-HQIP.2.5.0.1035.OUT
MAC: 90:6c:ac:c0:67:6a
Connect to tftp server 192.168.1.100 ...
#############################################################
Image Received.
Checking image... OK
Save as Default firmware/Backup firmware/Run image without saving:[D/B/R]? D
Programming the boot device now.
.................................................................................................................................
Booting OS...
Reading boot image... 1829759 bytes.
Initializing firewall...
System is starting...21) When FortiGate turns up, log in to FortiGate with credentials.
FORTITEST/FGT60D4Q16-----6 login: admin
Password: XXXXXXXX
Test program loading(HQIP, Build1035,Aug 18 2015 01:36:54) ...
Engine Version: v1.0 Build 1035. Aug 18 2015 01:36:34
You are running HQIP test program. To start testing, login as "admin" without password, and type:
diagnose hqip start
Welcome !
FORTITEST/FGT60D4Q16-----6 #
Password: XXXXXXXX
Test program loading(HQIP, Build1035,Aug 18 2015 01:36:54) ...
Engine Version: v1.0 Build 1035. Aug 18 2015 01:36:34
You are running HQIP test program. To start testing, login as "admin" without password, and type:
diagnose hqip start
Welcome !
FORTITEST/FGT60D4Q16-----6 #
12. In order to do the HQIP test, run the CLI command 'diagnose hqip start'.
13. Test procedure is now possible. To keep doing the HQIP tests, follow the suggestion from the screen.
Example: Enter 'SPACEBAR' or 'ENTER' to go to the next step.
14. When the test is done, the HQIP test result will be visible.
Example: Enter 'SPACEBAR' or 'ENTER' to go to the next step.
14. When the test is done, the HQIP test result will be visible.
