You are here
Home > Firewall > Firmware Update in Fortigate Firewall

Firmware Update in Fortigate Firewall

1. Connect to the CLI using the RJ-45 to DB-9 or null modem cable.

2. Make sure the TFTP server is running.

3. Copy the new firmware image file to the root directory of the TFTP server.

4. Make sure the internal interface is connected to the same network as the TFTPserver.

5. To confirm the FortiGate unit can connect to the TFTP server, use the following command to ping the computer running the TFTP server. For example, if the IPaddress of the TFTP server is

execute ping

6. Enter the following command to restart the FortiGate unit.

execute reboot

7. The FortiGate unit responds with the following message: This operation will reboot the system! Do you want to continue? (y/n) Type y

As the FortiGate unit starts, a series of system startup messages appears. When the following messages appears:

Press any key to display configuration menu……….

Immediately press any key to interrupt the system startup. If you successfully
interrupt the startup process, the following messages appears:

[G]: Get firmware image from TFTP server.

[F]: Format boot device.

[Q]: Quit menu and continue to boot with default firmware.

[H]: Display this list of options. Enter G, F, Q, or H:

8. Type G to get to the new firmware image form the TFTP server. The following message appears:

Enter TFTP server address []:

Note: Installing firmware replaces your current antivirus and attack definitions, alongwith the definitions included with the firmware release you are installing.

Note: You have only 3 seconds to press any key. If you do not press a key soon enough, the FortiGate unit reboots and you must log in and repeat the execute reboot command

9. Type the address of the TFTP server and press Enter: The following message appears:

Enter Local Address []:

10. Type an IP address the FortiGate unit can use to connect to the TFTP server. TheIP address can be any IP address that is valid for the network the interface isconnected to. Make sure you do not enter the IP address of another device on this network. The following message appears:

Enter File Name [image.out]:

11. Enter the firmware image filename and press Enter. The TFTP server uploads the firmware image file to the FortiGate unit and a message similar to the following appears:

Save as Default firmware/Backup firmware/Run image without saving: [D/B/R]
Type D.

The FortiGate unit installs the new firmware image and restarts. The installation might take a few minutes to complete


Leave a Reply