Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Stephen_G
Moderator
Moderator

Created on ‎08-11-2023 05:40 AM Edited on ‎10-11-2023 09:18 PM By Community Manager

Article Id 268486

Technical Tip: Required tools to restore firmware and configuration after an RMA

Description

This article describes the required tools for restoring firmware and configuration to numerous Fortinet products after an RMA.
Scope FortiGate, FortiMail, FortiSandbox, FortiSwitch.
Solution

Below are the tools required for this operation.

 

Console Cable

 001.png

 

A serial console cable and possibly a USB/Serial adapter are required.

 

This will connect the technician's computer to the FortiGate console port.

 

RJ45 Cable

 

002.png

 

An RJ45 cable is required.

It will connect the technician's computer to the FortiGate Ethernet management port.

 

Terminal emulator client

 

A terminal emulator client is required.

PuTTY is a well-known client and is a good fit for the job. Download it from the official website by selecting 'Download PuTTY' and choosing 'putty.exe'.

 

003.png

 

The above image shows the default view after opening PuTTY.

The default connection mode is SSH.

The IP must be entered in the 'Host Name (or IP address)' field.

Afterwards, select 'Open' to start the session.

 

For console serial access, the COM port number is required.

To find out the COM port number on Windows OS, perform the following steps:

  • Windows Key + R.
  • Enter 'devmgmt.msc' then select 'OK.
  • Scroll to the section 'Ports (COM & LPT)'.
  • Retrieve the COM port number.
  • It is 3 in this example.

004.png

005.png

 

Once the COM port number is known, select 'Serial' and then change the 'Serial line' value if necessary to the value found out previously. Run the connection by selecting 'Open'.

Connection speed should not be changed as 9600 is the appropriate value to access the FortiGate console.

For FortiSwitch, the Speed is 115200.

 

006.png

 

Console output can be saved in a text file if required. It is usually recommended to have a backup of the operation as a text file.

 

To do so, 'right-click' on the title bar and select 'Change Settings'. Go to logging and then select 'All session output' and the target file.

 

007.png

 

008.png

 

TFTP server setup

 

If a firmware upgrade is required for the operation, the technician should have a TFTP server ready to serve a firmware image to the FortiGate.

 

The Tftpd64 application will accomplish this.

To download the application, go to the GitHub page and select 'Download page'.

Choose either 'tftpd64…exe' or 'tftpd32…exe' and install it.

 

After that, create the 'C:\temp\images' directory and 'Browse' in the application to select the new directory. This will be the root directory of the TFTP server.

 

009.png

 

All images and configurations that should be uploaded to the FortiGate should be in the TFTP root directory folder.

Related article:
Technical Tip: Formatting and loading FortiGate firmware image using TFTP 
1294
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.