Technical Tip: Cannot log in after upgrading to FortiWeb 4.0 MR4

Description

Failure to upload the repartitioning image for certain FortiWeb models before upgrading to FortiWeb 4.0 MR4 can cause you to be unable to log in to your FortiWeb.

As indicated in the Release Notes, if the FortiWeb model is FortiWeb-400B, 1000B, 1000C or 3000C, a disk partitioning image must first be installed before upgrading the firmware to FortiWeb 4.0 MR4.

1. To download the repartitioning image

• Log in to the Fortinet Technical Support web site at https://support.fortinet.com.
• Go to Download > Firmware Images, choose FortiWeb from the product dropdown list.  Go to  the sub directory v4.00/4.4/Partition_Image/.
• Use the HTTPS link to download the .deb file for your model.

2. To repartition and upgrade to FortiWeb 4.0 MR4

• Log in to FortiWeb's GUI with the admin account.
• Go to System > Status > Status.
• In the System Information widget, in the Firmware Version row, click Update.

3. Choose the special repartitioning image (Builld 8852) that was downloaded and select OK.

The following message is displayed:

The FortiWeb will resize its partitions and reboot. This may take a few minutes.

4. Log in again.

5. In the Firmware Version row of the System Information widget select Update.

6. Choose the FortiWeb 4.0 MR4 firmware image, then select OK.

A message will appear when the upload is complete and the upgrade has begun:

The FortiWeb will install the new firmware and reboot. This may take a few minutes.

7. To confirm that the upgrade succeeded, restart your web browser to clear its cache, then log in to the FortiWeb again. In the Firmware Version row of the System Information widget the FortiWeb should show as now running 4.0 MR4 software.

Reference

FortiWeb 4.0 MR4 Release Notes

Scope

FortiWeb 4.0 MR4

Workaround

To fix a FortiWeb that has not been upgraded properly, the FortiWeb must be re-imaged with the firmware that was installed prior to the attempt to upgrade to FortiWeb 4.0 MR4.

For example, if an upgrade from FortiWeb 4.0 MR3 Patch 7 had been attempted, prepare a TFTP server reachable via FortiWeb's port1, connect to FortiWeb's local console, reboot the appliance, then follow the instructions that appear on the console to interrupt the boot process and restore the previous firmware:

FortiBootLoader FV1000B (14:26-11.14.2008) Ver:00010010 Total RAM: 2043MB Boot up, boot device capacity: 927MB. Press any key to display configuration menu... .. [G]:  Get firmware image from TFTP server. [F]:  Format boot device. [B]:  Boot with backup firmware and set as default. [Q]:  Quit menu and continue to boot with default firmware. [H]:  Display this list of options. Enter Selection [G]: Enter G,F,B,Q,or H: Please connect TFTP server to Ethernet port "1". Enter TFTP server address [192.168.1.168]: 10.124.0.28 Enter local address [192.168.1.188]: 10.124.0.43 Enter firmware image file name [image.out]: FWB_1000B-v400-build0556-FORTINET.out MAC:00221956B103 ########################### Total 28618537 bytes data downloaded. Verifying the integrity of the firmware image.. Total 46096kB unzipped. Save as Default firmware/Backup firmware/Run image without saving:[D/B/R]?D Programming the boot device now. ............................................ Reading boot image 2468338 bytes. Initializing FortiWeb...                       System is started. EXT3-fs error (device sdb3): ext3_lookup: deleted inode referenced: 4001 EXT3-fs error (device sdb3): ext3_lookup: deleted inode referenced: 4001 create directory /home/part1 failed FortiWeb login: check_keys: generating RSA key check_keys: generating DSA key FortiWeb login: admin Password: Welcome ! FortiWeb #

After re-imaging the FortiWeb with the previous firmware and rebooting, also restore the configuration. Once this is complete, upgrade to FortiWeb 4.0 MR4 as described in the release notes, starting with the special repartitioning image.

Problem Verification