Fortinet Community

Fortigate-6301F (mgmt-vdom) # diagnose ip address list | grep tftp
IP=169.254.255.1->169.254.255.1/255.255.255.0 index=17 devname=base-tftp

- A 169.254.255 IP is required in the boot process. Use any IP in range 169.254.255.X and make sure that IP is not in use anywhere on the network.

Fortigate-6000F (mgmt-vdom) # diagnose ip address list | grep "169.254.255\|SN"  <----- ####<<169.254.255 ip addresses used usually on 6000 series>>####

Slot: 1  Module SN: FPC6KFT----------

IP=169.254.255.3->169.254.255.3/255.255.255.0 index=3 devname=x710-0

Slot: 2  Module SN: FPC6KFT----------

IP=169.254.255.4->169.254.255.4/255.255.255.0 index=3 devname=x710-0

Slot: 3  Module SN: FPC6KFT----------

IP=169.254.255.5->169.254.255.5/255.255.255.0 index=3 devname=x710-0

Slot: 4  Module SN: FPC6KFT----------

IP=169.254.255.6->169.254.255.6/255.255.255.0 index=3 devname=x710-0

Slot: 5  Module SN: FPC6KFT----------

IP=169.254.255.7->169.254.255.7/255.255.255.0 index=3 devname=x710-0

Slot: 6  Module SN: FPC6KFT----------

IP=169.254.255.8->169.254.255.8/255.255.255.0 index=3 devname=x710-0

MBD SN: FPC6KFT----------

IP=169.254.255.1->169.254.255.1/255.255.255.0 index=17 devname=base-tftp

If the first option 1 fails, use the second option to download the image as described below.

Scope
For FortiGate-6000 series.

Solution
- Open two SSH connections to the MBD of the chassis.
- On one SSH session, execute:

# execute system console-server connect 3

- From 2nd SSH session on MBD , reboot the failed FPC.

# execute load-balance slot reboot 3

Fortigate-6301F (global) # execute system console-server connect 3
Trying 127.0.0.1...
<<<SKIPP>>>
Boot up, boot device capacity: 15272MB.
Press any key to display configuration menu...

[C]:  Configure TFTP parameters.
[R]:  Review TFTP parameters.
[T]:  Initiate TFTP firmware transfer.
[F]:  Format boot device.
[B]:  Boot with backup firmware and set as default.
[I]:  System configuration and information.
[Q]:  Quit menu and continue to boot.
[H]:  Display this list of options.

Enter C,R,T,F,B,I,Q,or H:                           <----- Type F

All data will be erased, continue:[Y/N]? Y
Formatting boot device...
..............................
Format boot device completed.


Enter C,R,T,F,B,I,Q,or H:                           <----- Type C

[P]:  Set image download port.
[D]:  Set DHCP mode.
[I]:  Set local IP address.
[S]:  Set local subnet mask.
[G]:  Set local gateway.
[V]:  Set local VLAN ID.
[T]:  Set remote TFTP server IP address.
[F]:  Set firmware image file name.
[E]:  Reset TFTP parameters to factory defaults.
[R]:  Review TFTP parameters.
[N]:  Diagnose networking (ping).
[H]:  Display this list of options.
[Q]:  Quit this menu.

Enter P,D,I,S,G,V,T,F,E,R,N,H or Q:                 <----- Type I.

Enter local IP address [192.168.1.3]:169.254.255.50 <----- Choose any IP that is not in used in 169.254.255.X subnet. Here 169.254.255.50 is used.

Enter P,D,I,S,G,V,T,F,E,R,N,H or Q:                 <----- Type F.

Enter firmware file name [BurnGate/Fortigate-6301F/HQIP/FGT_6000F-HQIP.4.0.1.2353.out]:image.out. <----- ###<<image.out is the correct name. Type as it is>###

Enter P,D,I,S,G,V,T,F,E,R,N,H or Q:                 <----- Type T.

Enter remote TFTP server IP address [192.168.1.168]:169.254.255.1
Enter P,D,I,S,G,V,T,F,E,R,N,H or Q: ->> Type R to review the settings

Image download port:     MGMT1
DHCP status:             disabled
Local VLAN ID:           none
Local IP address:        169.254.255.50             <----- Check
Local subnet mask:       255.255.255.0              <----- Check
Local gateway:           169.254.255.1    
TFTP server IP address:  169.254.255.1              <----- Check
Firmware file name:      image.out                  <----- Check.

Enter P,D,I,S,G,V,T,F,E,R,N,H or Q:                 <----- Type Q

Image download port:     MGMT1
DHCP status:             disabled
Local VLAN ID:           none
Local IP address:        169.254.255.50 <----- Check.
Local subnet mask:       255.255.255.0  <----- Check.
Local gateway:           169.254.255.1
TFTP server IP address:  169.254.255.1  <----- Check.
Firmware file name:      image.out      <----- Check.

Enter P,D,I,S,G,V,T,F,E,R,N,H or Q:                 <----- Type T

[C]:  Configure TFTP parameters.
[R]:  Review TFTP parameters.
[T]:  Initiate TFTP firmware transfer.
[F]:  Format boot device.
[B]:  Boot with backup firmware and set as default.
[I]:  System configuration and information.
[Q]:  Quit menu and continue to boot.
[H]:  Display this list of options.

Enter C,R,T,F,B,I,Q,or H:

Please connect TFTP server to Ethernet port "MGMT1".
MAC:
MAC:         E8:1C:BA:54:9F:92
 ##########################################################################
Total 78275712 bytes data downloaded.
Verifying the integrity of the firmware image.

Total 262144kB unzipped.
Save as Default firmware/Backup firmware/Run image without saving:[D/B/R]? <----- Type D
Programming the boot device now.
................................................................................................................................................................................................................................................................
Reading boot image 3096759 bytes.
Initializing firewall...
System is starting...
Resizing shared data partition...done
Formatting shared data partition ... done!
Starting system maintenance...
Scanning /dev/sda1... (100%)   
Scanning /dev/sda3... (100%)   

F6KF31T019-----6 login: admin
Password:
Please wait until the FPC is completely Up and Running. Example:

Fortigate-6301F (global) # diagnose load-balance status
     Slot 3: FPC6KFT018-----1
       Status:Working   Function:Active
       Link:      Base: Up          Fabric: Up
       Heartbeat: Management: Good   Data: Good
       Status Message:"Running"