Created on 02-26-2024 12:31 AM Edited on 02-26-2024 12:33 AM By Anthony_E
Description | This article describes the typical circumstances behind the log message "User shutdown the device from forticron. The reason is 'System file integrity check failed'". |
Scope | FortiGate v7.2.5 and above. |
Solution |
If the FortiGate went down without any administrator action and logged the following event:
logid=0100032200 type="event" subtype="system" level="critical" action="shutdown" msg="User shutdown the device from forticron. The reason is 'System file integrity check failed'" logdesc="Device shutdown" ui="forticron"
This can be expected behavior, depending on the BIOS security level. At level 1 and level 2, all file signatures are required to match their secure checksums as indicated on the Fortinet CA-signed certificate. A failed system file integrity check simply indicates that the system file may have been tampered with.
For more information regarding this new feature, refer to the section 'BIOS-level signature and file integrity checking' in the FortiOS 7.2.5 administration guide.
Solution: Initiate a ticket with TAC support to check whether this is a false positive.
Workaround: If a quick solution is required without checking with Fortinet TAC, reload the firmware over TFTP, which completely erases the existing firmware on the hardware model. The factory reset command from the CLI will not work. Once the firmware has been reloaded over TFTP, restore the backup configuration. |
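A log-review sketch for the event shown above, added here as an example and not taken from Fortinet: it parses FortiOS key=value log lines and flags only the shutdowns whose reason is the integrity check failure. It assumes other shutdown events can carry the same logid; the date, time and devname values and both sample lines are constructed for illustration.

```python
import re

# FortiOS event logs are space-separated key=value pairs. Values may be
# double-quoted and can contain spaces and single quotes (as in msg=).
_PAIR = re.compile(r'(\w+)=(?:"((?:[^"\\]|\\.)*)"|(\S*))')

SHUTDOWN_LOGID = "0100032200"   # logdesc="Device shutdown" on the page
INTEGRITY_REASON = "System file integrity check failed"


def parse_fortios_log(line):
    """Return a dict of the key=value fields in one FortiOS log line."""
    fields = {}
    for m in _PAIR.finditer(line):
        quoted, bare = m.group(2), m.group(3)
        fields[m.group(1)] = quoted if quoted is not None else bare
    return fields


def is_integrity_shutdown(fields):
    """True only for a forticron shutdown caused by the integrity check."""
    return (
        fields.get("logid") == SHUTDOWN_LOGID
        and fields.get("action") == "shutdown"
        and fields.get("ui") == "forticron"
        and INTEGRITY_REASON in fields.get("msg", "")
    )


def find_integrity_shutdowns(lines):
    """Return (line number, date, time, devname) for each matching event."""
    hits = []
    for n, line in enumerate(lines, 1):
        f = parse_fortios_log(line)
        if is_integrity_shutdown(f):
            hits.append((n, f.get("date"), f.get("time"), f.get("devname")))
    return hits


# Constructed sample: line 1 mirrors the article's event, line 2 is a
# hypothetical operator-initiated shutdown that must not be flagged.
SAMPLE = """\
date=2024-02-20 time=03:14:07 devname="FGT-EDGE-1" logid=0100032200 type="event" subtype="system" level="critical" action="shutdown" msg="User shutdown the device from forticron. The reason is 'System file integrity check failed'" logdesc="Device shutdown" ui="forticron"
date=2024-02-21 time=09:00:00 devname="FGT-EDGE-1" logid=0100032200 type="event" subtype="system" level="critical" action="shutdown" msg="User admin shutdown the device from jsconsole" logdesc="Device shutdown" ui="jsconsole"
""".splitlines()

if __name__ == "__main__":
    for hit in find_integrity_shutdowns(SAMPLE):
        print("integrity-check shutdown:", hit)
```

Each hit marks a device to hold for the TAC ticket before any TFTP reload, since the reload erases the firmware image that triggered the check.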