Fortinet 310B manual Installing firmware from a system reboot using the CLI

Page 50

Installing firmware from a system reboot using the CLI

FortiGate Firmware

4Make sure the FortiGate unit can connect to the TFTP server.

You can use the following command to ping the computer running the TFTP server. For example, if the TFTP server’s IP address is 192.168.1.168:

execute ping 192.168.1.168

5Enter the following command to copy the firmware image from the TFTP server to the FortiGate unit:

execute restore image <name_str> <tftp_ipv4>

Where <name_str> the IP address of the imagev28.out and

is the name of the firmware image file and <tftp_ip4> is TFTP server. For example, if the firmware image file name is the IP address of the TFTP server is 192.168.1.168, enter:

execute restore image image28.out 192.168.1.168

The ForitGate unit responds with this message:

This operation will replace the current firmware version!

Do you want to continue? (y/n)

6Type y.

The FortiGate unit uploads the firmware image file. After the file uploads, a message similar to the following appears:

Get image from tftp server OK. Check image OK.

This operation will downgrade the current firmware version! Do you want to continue? (y/n)

7Type y.

The FortiGate unit reverts to the old firmware version, resets the configuration to factory defaults, and restarts. This process takes a few minutes.

8Reconnect to the CLI.

9To restore your previous configuration, if needed, use the command:

execute restore config <name_str> <tftp_ip4>

10Update antivirus and attack definitions using the command: execute update-now.

Installing firmware from a system reboot using the CLI

This procedure installs a firmware image and resets the FortiGate unit to default settings. You can use this procedure to upgrade to a new firmware version, revert to an older firmware version, or re-install the current firmware.

To use this procedure, you must connect to the CLI using the FortiGate console port and a RJ-45 to DB-9, or null modem cable.

This procedure reverts the FortiGate unit to its factory default configuration.

For this procedure you install a TFTP server that you can connect to from the FortiGate internal interface. The TFTP server should be on the same subnet as the internal interface.

Before beginning this procedure, it is recommended that you back up the FortiGate unit configuration.

 

FortiGate-310B FortiOS 3.0 MR6 Install Guide

50

01-30006-0472-20080815

Image 50
Contents Install G U I D E Trademarks Regulatory complianceContents Downloading firmware Configuring Transparent modeProtection profiles Firewall policies Installing firmware from a system reboot using the CLI Using the web-based managerUsing the CLI Testing new firmware before installingPage Introduction Register your FortiGate unitAbout this document Lacp configurationAbout the FortiGate-310B Typographic conventions Further ReadingDocument conventions Addressipv4FortiGate Administration Guide Fortinet Knowledge CenterCustomer service and technical support Comments on Fortinet technical documentationCustomer service and technical support Installing Environmental specificationsMounting GroundingRack mount instructions To install the FortiGate unit into a rack Installed mounting bracketsTo power off the FortiGate unit Connecting to the networkTo power on the FortiGate unit Plugging in the FortiGateNAT mode ConfiguringNAT vs. Transparent mode Connecting to the web-based manager Connecting to the FortiGate unitTransparent mode To connect to the web-based managerBits per second 9600 Data bits Parity Connecting to the CLITo connect to the CLI Stop bits Flow controlConfigure the interfaces Configuring NAT modeUsing the web-based manager To configure interfaces Go to System Network InterfaceInitial Padt Timeout Configure a DNS serverAdding a default route and gateway Source Interface To modify the default gateway Go to Router StaticAdding firewall policies Source Address AllTo set an interface to use Dhcp addressing Using the CLITo set an interface to use a static address To configure DNS server settings To set an interface to use PPPoE addressingTo modify the default gateway To add an outgoing traffic firewall policyTo switch to Transparent mode Go to System Status Configuring Transparent modeSwitching to Transparent mode Source Address All Destination Interface To switch to Transparent mode Verify the configuration Backing up the configurationSet the Administrator password Restoring a configurationAdditional configuration Set the time and dateConfigure FortiGuard Updating antivirus and IPS signaturesAdditional configuration Protection profiles Advanced configurationDefault protection profiles Firewall policies Firewall policiesConfiguring firewall policies Antivirus optionsAntiSpam options Web filtering Logging To install the filler module Installing AMC filler unitsInstalling modules AMC modulesHard disk module Using the AMC modulesRemoving modules To insert a module into a FortiGate chassisFormatting the hard disk Log configuration using the web-based managerTo format the ASM-S08 hard disk enter the following command Execute formatlogdiskViewing logs Log configuration using the CLIChanging interfaces to operate in Sgmii or SerDes mode ASM-FB4 and ADM-XB2 modulesConfigure the speed Config system interface edit AMC-SW1/1 Set speed auto EndUsing the AMC modules FortiGate Firmware Downloading firmwareReverting to a previous version Using the web-based managerUpgrading the firmware To revert to a previous firmware version Backup and Restore from a USB keyUsing the USB Auto-Install Execute ping Using the CLITo upgrade the firmware using the CLI Execute update-now Execute restore image namestr tftpip4Execute restore image image.out To revert to a previous firmware version using the CLIExecute restore image image28.out Installing firmware from a system reboot using the CLIExecute restore image namestr tftpipv4 Execute restore config namestr tftpip4Press any key to display configuration menu To install firmware from a system rebootExecute reboot Enter Tftp server addressEnter Local Address Restoring the previous configurationTo backup configuration using the CLI Enter File Name image.outTo configure the USB Auto-Install using the CLI Additional CLI Commands for a USB keyTo restore configuration using the CLI Testing new firmware before installing To test the new firmware imageTesting new firmware before installing Testing new firmware before installing Index Web filtering 37 web-based manager Page Page

310B specifications

The Fortinet 310B is a powerful next-generation firewall (NGFW) designed to meet the evolving needs of modern enterprises. As part of Fortinet's Security Fabric, the 310B offers robust security features combined with high performance, enhancing network security while maintaining ease of use.

One of the standout features of the Fortinet 310B is its high throughput capability. With up to 10 Gbps of firewall throughput and an impressive IPS throughput of 3.5 Gbps, the device is optimized for handling heavy network traffic with minimal latency. This makes it suitable for both medium and large-scale environments, where performance and speed are critical.

The Fortinet 310B integrates a comprehensive suite of security technologies. At its core is FortiOS, the operating system that powers Fortinet’s security appliances. FortiOS includes advanced threat protection capabilities such as intrusion prevention system (IPS), deep packet inspection, and antivirus scanning. These features help protect against a wide range of threats, including malware, ransomware, and zero-day attacks, ensuring that networks are resilient against various cyber threats.

Another key characteristic of the Fortinet 310B is its multi-layered security architecture. The device supports a range of technologies such as SSL inspection, web filtering, and application control. By leveraging these functionalities, organizations can enforce granular security policies across different applications and users, improving overall visibility and control over the network environment.

The Fortinet 310B also incorporates FortiGate's unique Security Fabric technology, which enables seamless integration with other Fortinet products and third-party solutions. This interoperability allows for centralized management, simplified security operations, and enhanced threat intelligence sharing, creating a holistic security approach.

In addition to its security capabilities, the Fortinet 310B offers a variety of connectivity options, including multiple Ethernet ports and support for FortiLink, which allows for easy integration with FortiAP access points and FortiSwitches. This flexibility facilitates the deployment of secure network segments and wireless solutions.

The device also supports advanced features such as VPN capabilities for secure remote access, SD-WAN for optimizing network performance, and extensive reporting and logging for compliance and accountability. All these attributes make the Fortinet 310B a formidable choice for organizations looking to bolster their network security posture while maximizing operational efficiency. Overall, the Fortinet 310B stands out as a reliable and versatile solution in the realm of network security appliances.