System status

Changing the FortiGate firmware

 

 

Restoring the previous configuration

Change the internal interface addresses if required. You can do this from the CLI using the command:

set system interface

After changing the interface addresses, you can access the FortiGate unit from the web-based manager and restore the configuration.

To restore the FortiGate unit configuration, see “Restoring system settings” on page 64.

To restore NIDS user defined signatures, see “Adding user-defined signatures” on page 218.

To restore web content filtering lists, see “Restoring the Banned Word list” on page 233 and “Uploading a URL block list” on page 236

To restore email filtering lists, see “Uploading the email banned word list” on page 247 and “Uploading an email block list” on page 249.

If you are reverting to a previous firmware version (for example, reverting from FortiOS v2.50 to FortiOS v2.36) you might not be able to restore your previous configuration from the backup up configuration file.

Update the virus and attack definitions to the most recent version, see “Manually initiating antivirus and attack definitions updates” on page 75.

Testing a new firmware image before installing it

You can test a new firmware image by installing the firmware image from a system reboot and saving it to system memory. After completing this procedure the FortiGate unit operates using the new firmware image with the current configuration. This new firmware image is not permanently installed. The next time the FortiGate unit restarts, it operates with the originally installed firmware image using the current configuration. If the new firmware image operates successfully, you can install it permanently using the procedure “Upgrading to a new firmware version” on page 55.

To run this procedure you:

access the CLI by connecting to the FortiGate console port using a null-modem cable,

install a TFTP server that you can connect to from the FortiGate internal interface. The TFTP server should be on the same subnet as the internal interface.

To test a new firmware image

1Connect to the CLI using a null-modem cable and FortiGate console port.

2Make sure the TFTP server is running.

3Copy the new firmware image file to the root directory of the TFTP server.

4Make sure that the internal interface is connected to the same network as the TFTP server.

You can use the following command to ping the computer running the TFTP server. For example, if the TFTP server's IP address is 192.168.1.168:

execute ping 192.168.1.168

FortiGate-50A Installation and Configuration Guide

61

Page 60 Page 62
Page 61
Image 61
Fortinet 50A user manual Restoring the previous configuration, Testing a new firmware image before installing it
Page 60 Page 62
Top Page Image Contents