Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
fmerin_FTNT
Staff
Staff

Created on ‎05-26-2015 06:40 PM

Article Id 195653

Troubleshooting Tip: Firmware image download issues during TFTP procedure

Description

This article describes how to troubleshoot issues with downloading FortiOS firmware images via TFTP on the FortiGate.


Solution

During the TFTP firmware download procedure, if the MAC address shows up and no "#" signs appear indicating that the link is detected but the FortiOS firmware image cannot be loaded, then the following items should be investigated further:

- Verify the network cable is connected to the correct port on the FortiGate

- Verify that the static IP and gateway IP addresses configured on the computer are correct

- Verify that any software firewalls (e.g. Windows Firewall) on the computer are disabled

- Configure the server interface or the server binding setting on the TFTP server software on the computer to the correct Ethernet interface

- Reconfigure the image download port on the FortiGate by entering I for "Configuration and Information", T for "Set image download port" and selecting the number next to the selected port. Depending on the FortiGate unit, this operation may or may not require a reboot.  See "Sample Console Output" below.

If you are still having a problem downloading the firmware image after following the above recommendations, please contact Fortinet technical support.

Sample Console Output

Below is an example of the output from the console when reconfiguring the image download port to WAN2 on the FortiGate 60D. Depending on the FortiGate unit, this console output may vary slightly.

[G]: Get firmware image from TFTP server.

[F]: Format boot device.

[I]: Configuration and information.

[B]: Boot with backup firmware and set as default.

[Q]: Quit menu and continue to boot.

[H]: Display this list of options.

Enter G,F,I,B,Q,or H: I

[S]:  Set serial port baudrate(will take effect on next boot).

[T]:  Set image download port(will take effect now and on next boot).

[C]:  Set DHCP enable (will take effect now and on next boot).

[I]:  Display hardware information.

[Q]:  Quit this menu.

[H]:  Display this list of options.

Enter S,T,C,I,Q,or H:T

 0:     Any of port 1 - 7

 1:     WAN1

 2:     WAN2

Enter image download port number [WAN1]:2

After reconfiguring the image download port, you should see the following message when selecting "G" in the first menu above:

Please connect TFTP server to Ethernet port 'WAN2'.

You can continue the TFTP procedure using WAN2 to download firmware instead of the default WAN1 for the FortiGate 60D.


Related Articles

Technical Tip: Formatting and loading FortiGate firmware image using TFTP

Labels:
6847
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.