Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Bobby
New Contributor

Upgrade Firmware with a FTP server

Hi everyone,

 

I would like to know if it's possible to use a FTP server and not a TFTP server to make a Firmware upgrade on a Fortifate 60D. OS running : 5.0.8.

 

I see that in this document (http://docs.fortinet.com/uploaded/files/1087/fortigate-install-system-admin-50.pdf) the CLI command only for TFTP server, but as you know, TFTP use UDP and it's not really secure...

 

Thank you for helping !

4 REPLIES 4
ede_pfau
Esteemed Contributor III

Try a combination of

execute upload image ftp <filename_str> <comment> <server_ipv4[:
port_int] | server_fqdn[:port_int]> [<username_str>
[<password_str>]]
and
execute set-next-reboot {primary | secondary}

exec reboot. The hardware will have to have enough flash disk space to hold 2 images.


Ede

"Kernel panic: Aiee, killing interrupt handler!"
rwpatterson
Valued Contributor III

The server should be directly connected to the FGT with a single cable. No one should be able to sniff that sucker... If they could, all they would get would be a firmware image for your FGT. No corporate secrets there.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

ede_pfau
Esteemed Contributor III

...especially NO password!! TFTP rocks -


Ede

"Kernel panic: Aiee, killing interrupt handler!"
Bobby
New Contributor

First : thank you ede_pfau for your answer. I will try your purpose ASAP.

Then : I'm a kind of ISP and I need to upgrade some customer's firewall to a supported Firmware. I can't just put a cable between all my customer and my FTP server...

 

I all ready use my FTP server for different equipment... If i can use the same server to upgrade my fortigate it will be perfect for me...