Unlock Exclusive Benefits
Join Our Community Today!
Join our community and post in the forum to earn your exclusive Summer Badge! Become a member today!
LOGIN/REGISTER
CONTINUE AS A GUEST
- Support Forum
- Knowledge Base
- Customer Service
- Internal Article Nominations
- FortiGate
- FortiClient
- FortiADC
- FortiAIOps
- FortiAnalyzer
- FortiAP
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCare Services
- FortiCarrier
- FortiCASB
- FortiConverter
- FortiCNP
- FortiDAST
- FortiData
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDLP
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEdgeCloud
- FortiEDR
- FortiEndpoint
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiGuest
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPhish
- FortiPortal
- FortiPresence
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSRA
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- FortiAppSec Cloud
- Lacework
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Support Forum
- FortiSwitch Power Event
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
FortiSwitch Power Event
I recently had a UPS go down and when we recovered the power to the FortiSwitch 448E that was connected to it, the switch came up but appeared to not work at all. I couldn't get to on any management interface except using the console port in the rear with a serial cable. Anyway, what I discovered was that when power was lost and it booted up again, it booted from the secondary image with a stock config file. I was able to reboot off the primary image and it appears "normal" however I need to do some testing before I start moving devices and users back to it.
My question is: Why did it load off the secondary and how can I prevent it (and my other FortiSwitches) from doing that again? I noted the 'set image-rotation' command is set to "enable" by default but I know little about what this does and why anyone would want the image to rotate each time at boot. I believe the current firmware on it was 7.2.3.
Also, I want to make sure my other FortiSwitches won't behave like this in the event of a power disruption so any suggestions would be much appreciated.
-Mike
-Mike
Labels:
- Labels:
-
FortiSwitch
5 REPLIES 5
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Mike,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
Anthony-Fortinet Community Team.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
FYI: I'm working on the postmortem for this crash and I've removed it from production because I don't fully trust that if it does reboot again, it won't come up on the secondary config that is blank. However, in my lab, I've done graceful reboots and ungraceful (unplugged the power) and it seems to reboot using it's normal config.
Ideally I'd like to make sure the rest of FortiSwitches (about 10 of them total) don't behave the way this one did as we are going into spring/summer and power outages are more frequent due to severe weather events.
-Mike
-Mike
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Greetings!
When a FortiSwitch boots from the secondary image with a stock configuration after a power event, it may be due to the image rotation feature. Here's how you can address this issue:
- The `set image-rotation` command, when enabled, allows the switch to boot from the alternate partition if the current one fails. This is a safeguard to ensure the switch can still operate if the primary image is corrupted.
- If you want to prevent the switch from booting from the secondary image automatically, you can disable image rotation. Use the following commands:
```
config system global
set image-rotation disable
end
```
- Ensure the correct partition is set for the next reboot. Use the command:
```
execute set-next-reboot primary
```
This command sets the primary partition as the next boot partition.
- After making these changes, test the switch by simulating a reboot to ensure it boots from the desired partition.
- Monitor the switch logs for any errors or warnings that might indicate issues with the primary image.
Regards!
Dhruvin Patel
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I had another switch that when rebooted this morning came up on an empty config. I was able to restore it to a the most recent backup config from flash and all is well but this switch had image rotation disabled prior to the reboot. 3 other switches I rebooted in the last 24 hours behaved normally and they had image rotation disabled.
I'm not sure where the issue is coming from. The models of Fortiswitch were 448Ds (normally rebooted), 448E (one rebooted normally and one did not) and a 448E-POE which was the one that didn't work normally this morning. I have another 448E (FPOE model) that I've held off on rebooting as well as a 1048E which functions as a core fiber switch.
Any more suggestions?
-Mike
-Mike
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I've ran into the same thing described here a few times. Does it make sense to just disable image-rotation globally in an environment?
Labels
-
FortiGate
10,546 -
FortiClient
2,144 -
FortiManager
889 -
5.2
687 -
FortiAnalyzer
677 -
5.4
638 -
FortiSwitch
582 -
FortiAP
559 -
FortiClient EMS
557 -
IPsec
417 -
6.0
416 -
SSL-VPN
374 -
FortiMail
371 -
5.6
362 -
FortiNAC
279 -
FortiWeb
252 -
6.2
251 -
FortiAuthenticator v5.5
234 -
SD-WAN
191 -
FortiAuthenticator
170 -
FortiGuard
159 -
5.0
152 -
Firewall policy
142 -
FortiGate-VM
129 -
6.4
128 -
FortiCloud Products
116 -
FortiSIEM
113 -
FortiGateCloud
112 -
FortiToken
111 -
Wireless Controller
95 -
Customer Service
88 -
High Availability
83 -
FortiProxy
77 -
Routing
75 -
ZTNA
75 -
Fortivoice
71 -
SAML
71 -
DNS
71 -
VLAN
70 -
FortiEDR
68 -
FortiADC
68 -
BGP
67 -
Authentication
66 -
Certificate
64 -
RADIUS
59 -
LDAP
58 -
SSO
54 -
fortilink
54 -
FortiSandbox
53 -
NAT
52 -
FortiExtender
51 -
4.0MR3
49 -
VDOM
45 -
Application control
44 -
FortiDNS
43 -
Interface
43 -
Logging
40 -
Virtual IP
39 -
FortiGate v5.4
38 -
FortiSwitch v6.4
38 -
FortiPAM
35 -
SSL SSH inspection
35 -
Web profile
35 -
FortiConnect
34 -
Automation
33 -
FortiWAN
31 -
FortiConverter
30 -
FortiGate v5.2
27 -
Traffic shaping
26 -
SNMP
25 -
API
25 -
SSID
25 -
Static route
25 -
FortiSwitch v6.2
23 -
FortiPortal
23 -
FortiGate Cloud
23 -
System settings
22 -
OSPF
20 -
WAN optimization
20 -
FortiMonitor
19 -
Security profile
19 -
Web application firewall profile
18 -
IP address management - IPAM
18 -
FortiSoar
17 -
Web rating
17 -
FortiGate v5.0
16 -
FortiDDoS
16 -
FortiAP profile
16 -
Explicit proxy
15 -
Admin
15 -
Proxy policy
15 -
FortiCASB
14 -
IPS signature
14 -
Intrusion prevention
14 -
FortiManager v4.0
13 -
DNS filter
13 -
FortiManager v5.0
12 -
NAC policy
12 -
users
12 -
Traffic shaping policy
12 -
Fabric connector
12 -
Port policy
12 -
FortiDeceptor
11 -
FortiRecorder
11 -
FortiAnalyzer v5.0
10 -
FortiWeb v5.0
10 -
FortiBridge
10 -
Trunk
10 -
Traffic shaping profile
10 -
Authentication rule and scheme
10 -
Fortinet Engage Partner Program
10 -
FortiGate v4.0 MR3
9 -
RMA Information and Announcements
9 -
Antivirus profile
9 -
FortiCache
8 -
FortiToken Cloud
8 -
4.0
7 -
4.0MR2
7 -
Packet capture
7 -
Application signature
7 -
VoIP profile
7 -
Vulnerability Management
7 -
FortiScan
6 -
FortiCarrier
5 -
FortiNDR
5 -
FortiTester
5 -
DLP profile
5 -
DLP sensor
5 -
DoS policy
5 -
Email filter profile
5 -
Protocol option
5 -
Cloud Management Security
5 -
3.6
4 -
FortiDirector
4 -
Internet service database
4 -
DLP Dictionary
4 -
Netflow
4 -
TACACS
4 -
Replacement messages
4 -
SDN connector
4 -
Service
4 -
Multicast routing
4 -
FortiDB
3 -
FortiHypervisor
3 -
Kerberos
3 -
File filter
3 -
Multicast policy
3 -
FortiEdge Cloud
3 -
FortiInsight
2 -
FortiAI
2 -
Video Filter
2 -
Schedule
2 -
ICAP profile
2 -
Zone
2 -
Lacework
2 -
FortiGuest
2 -
4.0MR1
1 -
FortiManager-VM
1 -
FortiCWP
1 -
Subscription Renewal Policy
1 -
FortiSASE
1 -
Virtual wire pair
1 -
FortiEdge
1 -
FortiAIOps
1
Top Kudoed Authors
| User | Count |
|---|---|
| 2570 | |
| 1362 | |
| 796 | |
| 651 | |
| 455 |
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2025 Fortinet, Inc. All Rights Reserved.