FortiGate
Shashwati
Staff
Article Id 267570
Description: This article describes an issue that prevents booting the firewall or loading a firmware image and offers a solution.
Scope: FortiGate v6.X and v7.X.
Solution:

The error appears as one of the following:

 

Fatal error: Loading FOS fails!
  Please power cycle. System halted.

 

Or:

 

Fatal error: AV engine file authentication failed!
  Please power cycle. System halted.

 

To solve the issue, follow the steps below.

 

Make sure Windows Defender Firewall and any third-party firewall are disabled before further testing.

 

Step 1: Restart the firewall using the CLI. While the device restarts, press any key to display the boot options.

 

Initializing boot device...
Initializing MAC... NP6XLITE#0
Please wait for OS to boot, or press any key to display the configuration menu.

[C]: Configure TFTP parameters.
[R]: Review TFTP parameters.
[T]: Initiate TFTP firmware transfer.
[F]: Format boot device.
[I]: System information.   >>> Select this option
[B]: Boot with backup firmware and set as default.
[Q]: Quit menu and continue to boot.
[H]: Display this list of options.

 

Step 2: Enter option I.

 

Enter C,R,T,F,I,B,Q,or H:

[S]:  Set serial port baudrate.
[R]:  Set restricted mode.
[T]:  Set menu timeout.
[U]:  Set security level.
[I]:  Display system information.
[E]:  Reset system configuration.
[P]:  Normal POST test.
[Q]:  Quit this menu.
[H]:  Display this list of options.

 

Step 3: Enter option U.

 

Enter C,R,T,F,I,B,Q,or H:

[S]:  Set serial port baudrate.
[R]:  Set restricted mode.
[T]:  Set menu timeout.
[U]:  Set security level.
[I]:  Display system information.
[E]:  Reset system configuration.
[P]:  Normal POST test.
[Q]:  Quit this menu.
[H]:  Display this list of options.

 

Step 4: Enter option 1 to set the security level to 1. Per the menu, level 1 checks the image and reports the result only, whereas level 2 also reinforces validity.

Enter S,R,T,U,I,E,P,Q,or H:

 [0]: Level 0 - Check image silently
 [1]: Level 1 - Check image with result only
 [2]: Level 2 - Check image and reinforce validity

Enter security level setting [2]:. Done

 

Step 5: Load the firmware image from the TFTP server.

 

Note:

The customer may get a system halt message like this during boot:

 

System is starting...
Error: Package validation failed. level:2, sign_status:2, pid: 111, path: /data/lib/libips.so
Found AV engine signature invalid!!!
Found IPS engine signature invalid!!!
FortiGate detected an invalid AV/IPS engine, experiencing an unexpected shutting down!
The system is going down NOW !!
The system is halted.

If the customer's FortiGate firmware version is 6.4.13, 7.0.12, 7.2.5, or 7.4.0, it is necessary to change the BIOS security level to 1 or 0.

This issue has been resolved in FortiOS versions 6.4.15:2115, 7.0.13:0550, 7.2.6:1548, 7.4.1:2413.
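
To triage a captured serial console log against the symptoms above, the following added example (not Fortinet code and not part of the original article) parses the halt messages and the "Package validation failed" line. The function name triage, the marker labels and the firmware_version argument are assumptions for illustration; the version is supplied by the operator because the quoted console output does not include it.

```python
import re

# Firmware versions the article lists as needing BIOS security level 1 or 0.
AFFECTED = {"6.4.13", "7.0.12", "7.2.5", "7.4.0"}
# Halt messages quoted in the article, mapped to hypothetical labels.
HALT_MARKERS = {
    "Fatal error: Loading FOS fails!": "fos_load_failed",
    "Fatal error: AV engine file authentication failed!": "av_engine_auth_failed",
    "Found AV engine signature invalid!!!": "av_signature_invalid",
    "Found IPS engine signature invalid!!!": "ips_signature_invalid",
}
# Format of the "Package validation failed" line quoted in the article.
VALIDATION_RE = re.compile(
    r"Package validation failed\.\s*level:\s*(?P<level>\d+),\s*"
    r"sign_status:\s*(?P<sign_status>\d+),\s*pid:\s*(?P<pid>\d+),\s*"
    r"path:\s*(?P<path>\S+)"
)

def triage(console_text, firmware_version):
    """Summarise a captured serial console log against the article's symptoms."""
    findings = {"markers": [], "validation_failures": [], "halted": False}
    for raw in console_text.splitlines():
        line = raw.strip()
        for text, label in HALT_MARKERS.items():
            if text in line and label not in findings["markers"]:
                findings["markers"].append(label)
        m = VALIDATION_RE.search(line)
        if m:
            d = m.groupdict()
            findings["validation_failures"].append({
                "level": int(d["level"]), "sign_status": int(d["sign_status"]),
                "pid": int(d["pid"]), "path": d["path"]})
        if "System halted" in line or "The system is halted" in line:
            findings["halted"] = True
    findings["affected_version"] = firmware_version in AFFECTED
    findings["matches_article"] = findings["halted"] and bool(
        findings["markers"] or findings["validation_failures"])
    return findings

# Sample input constructed from the console output quoted in the article.
SAMPLE = """System is starting...
Error: Package validation failed. level:2, sign_status:2, pid: 111, path: /data/lib/libips.so
Found AV engine signature invalid!!!
Found IPS engine signature invalid!!!
The system is halted.
"""

if __name__ == "__main__":
    print(triage(SAMPLE, "7.2.5"))
```
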

 

Related articles:

Technical Tip: Loading FortiGate firmware image using TFTP.

Technical Tip: Installing firmware from system reboot.

Technical Tip: BIOS level signature and file integrity checking - FortiGate Administration Guide.

Troubleshooting Tip: Downgrade of FortiOS fails due to BIOS check