Fortinet 3016B manual To revert to a previous firmware version using the CLI

Page 49

 

 

 

FortiGate Firmware

Using the CLI

Reverting to a previous version

This procedure reverts the FortiGate unit to its factory default configuration and deletes IPS custom signatures, web content lists, email filtering lists, and changes to replacement messages.

Before beginning this procedure, it is recommended that you:

back up the FortiGate unit system configuration using the command execute backup config

back up the IPS custom signatures using the command execute backup ipsuserdefsig

back up web content and email filtering lists

If you are reverting to a previous FortiOS version (for example, reverting from FortiOS v3.0 to FortiOS v2.80), you might not be able to restore the previous configuration from the backup configuration file.

Note: Installing firmware replaces your current antivirus and attack definitions, along with the definitions included with the firmware release you are installing. After you install new firmware, make sure that antivirus and attack definitions are up to date. You can also use the CLI command execute update-nowto update the antivirus and attack definitions.

Note: To use this procedure, you must log in using the admin administrator account, or an administrator account that has system configuration read and write privileges.

To use the following procedure, you must have a TFTP server the FortiGate unit can connect to.

To revert to a previous firmware version using the CLI

1Make sure the TFTP server is running

2Copy the firmware image file to the root directory of the TFTP server.

3Log into the FortiGate CLI.

4Make sure the FortiGate unit can connect to the TFTP server.

You can use the following command to ping the computer running the TFTP server. For example, if the TFTP server’s IP address is 192.168.1.168:

execute ping 192.168.1.168

5Enter the following command to copy the firmware image from the TFTP server to the FortiGate unit:

execute restore image <name_str> <tftp_ipv4>

Where <name_str> is the name of the firmware image file and <tftp_ip4> is the IP address of the TFTP server. For example, if the firmware image file name is imagev28.out and the IP address of the TFTP server is 192.168.1.168, enter:

execute restore image image28.out 192.168.1.168

The ForitGate unit responds with this message:

This operation will replace the current firmware version! Do you want to continue? (y/n)

6Type y.

FortiGate-3016B FortiOS 3.0 MR6 Install Guide

 

01-30006-0458-20080318

49

Image 49
Contents Install G U I D E Regulatory compliance TrademarksContents AMC modules Advanced configurationInstalling firmware from a system reboot using the CLI Using the web-based managerTesting new firmware before installing FortiGate FirmwarePage Register your FortiGate unit IntroductionAbout this document About the FortiGate-3016BDocument conventions Typographic conventions Further ReadingFortinet Knowledge Center Customer service and technical supportComments on Fortinet technical documentation Environmental specifications InstallingRack mount instructions GroundingMounting Installed mounting brackets To install the FortiGate unit into a rackPlugging in the FortiGate To power on the FortiGate unitTo power off the FortiGate unit Connecting to the networkTurning off the FortiGate unit Turning off the FortiGate unit NAT vs. Transparent mode ConfiguringNAT mode Transparent mode Connecting to the FortiGate unitConnecting to the web-based manager To connect to the web-based managerTo connect to the CLI Connecting to the CLIUsing the web-based manager Configuring NAT modeConfigure the interfaces To configure interfaces Go to System Network InterfaceAdding a default route and gateway Configure a DNS serverAdding firewall policies To modify the default gateway Go to Router StaticTo set an interface to use a static address Using the CLITo set an interface to use Dhcp addressing To set an interface to use PPPoE addressing To configure DNS server settingsTo modify the default gateway Configuring Transparent modeTo add an outgoing traffic firewall policy To switch to Transparent mode Go to System Status Switching to Transparent modeTo switch to Transparent mode To configure DNS server settings Backing up the configuration Verify the configurationAdditional configuration Restoring a configurationSet the Administrator password Set the time and dateUpdating antivirus and IPS signatures Configure FortiGuardAdditional configuration Protection profiles Advanced configurationFirewall policies Firewall policiesAntivirus options Configuring firewall policiesAntiSpam options Web filtering Logging Installing modules Installing AMC filler unitsTo install the filler module AMC modulesRemoving modules Using the AMC modulesHard disk module To insert a module into a FortiGate chassisTo format the ASM-S08 hard disk enter the following command Log configuration using the web-based managerFormatting the hard disk Changing interfaces to operate in Sgmii or SerDes mode Log configuration using the CLIViewing logs ASM-FB4 and ADM-XB2 modulesAMC modules Config system interface edit AMC-SW1/1 Set speed auto End Configure the speedFortiGate Firmware Using the web-based managerDownloading firmware Upgrading the firmwareReverting to a previous version To upgrade the firmwareTo revert to a previous firmware version Using the USB Auto-Install Backup and Restore from a USB keyTo upgrade the firmware using the CLI Using the CLIExecute restore image namestr tftpipv4 To revert to a previous firmware version using the CLITo install firmware from a system reboot Installing firmware from a system reboot using the CLIEnter Tftp server address To backup configuration using the CLI Restoring the previous configurationTo restore configuration using the CLI Additional CLI Commands for a USB key Testing new firmware before installingTo configure the USB Auto-Install using the CLI To test the new firmware image FortiGate Firmware Testing new firmware before installing Index Web filtering 37 web-based manager Page Page
Related manuals
Manual 2 pages 28.98 Kb

3016B specifications

The Fortinet 3016B is a robust firewall solution designed to meet the dynamic security needs of modern enterprises. As part of the FortiGate product line, the 3016B combines advanced security features with high performance, catering to organizations that require reliability and efficiency in managing their network security.

One of the primary features of the Fortinet 3016B is its high throughput capabilities. It supports up to 40 Gbps of firewall throughput and an impressive 7.5 Gbps of intrusion prevention system (IPS) throughput. This ensures that even at peak network loads, the firewall can maintain strong performance without compromising security. This feature is particularly important for businesses that handle large volumes of data and require seamless connectivity for their operational efficiency.

The 3016B leverages Fortinet's proprietary FortiOS operating system, which is known for its user-friendly interface and comprehensive security functionalities. FortiOS includes a variety of tools such as a next-generation firewall (NGFW), antivirus protection, web filtering, and application control, all incorporated into a single platform. This consolidation helps in simplifying management while providing extensive security coverage against a wide array of cyber threats.

Moreover, the Fortinet 3016B incorporates advanced threat intelligence capabilities powered by FortiGuard Labs. This allows the firewall to stay updated with real-time threat feeds, enabling the organization to respond proactively to emerging threats and vulnerabilities. The integration of AI-driven analytics enhances anomaly detection and helps in identifying potential breaches before they can escalate.

Another notable characteristic of the 3016B is its scalability. Designed for medium to large enterprises, it can easily integrate into existing infrastructure and scale as business needs grow. With support for multiple virtual domains (VDOMs), organizations can create isolated environments for different departments or functions, maintaining policy separations while optimizing resource utilization.

In terms of connectivity, the Fortinet 3016B offers various interfaces, including multiple 1G and 10G Ethernet ports, ensuring flexible deployment options. The device also supports high availability (HA) configurations, which provide redundancy and minimize downtime.

Overall, the Fortinet 3016B is an exceptional solution that combines superior security features with high performance and scalability, making it a prime choice for organizations looking to strengthen their network security posture without sacrificing efficiency. With its comprehensive capabilities, it empowers businesses to tackle today’s cybersecurity challenges effectively.