Technical Tip: Restore image using an FTP server and from an URL

enguyen3467 · ‎10-10-2023

Description

This article describes how to restore the firmware image to the FortiGate via the CLI using the FTP method or from a URL.

This is useful in the scenario where the GUI is not accessible, the FortiGate can only be accessed via SSH and console connection and it would be possible to execute a firmware upgrade or downgrade.

Scope

FortiGate.

Solution

Be sure to have the FortiGate firewall accessible to the FTP server or the URL that contains the image.

To see all available options to restore image via CLI, type the following command:

execute restore image ?

flash <----- Restore image from flash.
ftp <----- Load image from FTP server.
management-station <----- Restore the image from the Management station.
tftp <----- Restore the image from TFTP server.
url <----- Restore the image from URL with HTTP/HTTPS protocols. Decrypt image if needed.
usb <----- Restore image from USB disk.

From an FTP server:

execute restore image ftp <path>\<image-name>.out <FTP-IP-address-or-FQDN>[:<FTP-port>] <username> <password>

If nothing is specified in the <FTP-port>, FortiGate uses port 21 to communicate with the FTP server.

From an URL:

execute restore image url <URL-to-the-image> [<image-encryption-passphrase>] [<bypass-signature-and-validity-checking>]

To load the image from a URL, the first optional parameter can be left blank if there is no password to decrypt the image

. For the second optional parameter, enter force to bypass any signature and validity-checking.

Technical Tip: Restore image using an FTP server and from an URL

You are leaving our website