拿到一台故障的Fortigate FG-110C,裡面韌體本來是第4版,在更新第5版的韌體時失敗,導致變磚,在櫃子翻到Console線,就照網路的教學試著重刷韌體,運氣還不錯,最後有成功救回來,The following is a record:
Detection problem:
- 找到RS-232 to RJ-45的傳輸線接上電腦com port跟FG-110C的console port,Super Terminal Setup 9600bps-8bit-None-1-No。
- 重開機FG-110C後,確認終端機有收到訊息,載入系統到一半後就死當,No-show entry message。
Deployment environment:
- 先在PC裝好TFTP Server,我是用3com的3CDaemon,第一次執行時會跳防火牆訊息,Remember to unlock。
- 執行3CDaemon即啟動TFTP,點選「Configure TFTP Server」,將「Upload/Download directory」指定到韌體所在目錄後,Press OK。
- Copy the firmware to the newly specified directory。
- The computer's IP set to 192.168.1.X。
Firmware update procedure:
- 重開機FG-110C,In the "Press any key to display configuration menu .." Press any key to enter time setting mode。
- The G、F、I、Q、H other five operations,這邊我們會用到的是F跟G,That is cleared away the original firmware and follow obtain TFTP firmware。
- 先輸入F(Format boot device.),等待3~5分鐘後,Options will then jump out to ask you what to do next。
- 輸入G(Get firmware image from TFTP server.),接著要會跳出一個訊息要你把網路線接上特定的port,The network described according FG-110C cable connected with the computer。To note here,網路上有的文章是指要接到Ethernet port 1,但我的是顯示要接到Wan 1,So to see the end of the message depending on equipment。
- Then enter the TFTP Server address,Set it in front of the computer 192.168.1.X。
- Enter the full name of the firmware file,Contains the file extension。
- FG-110C specify the ip,You can press the Enter key directly,Default values may be 192.168.1.188,Keep up the PC side of the IP different,But to the same network segment。
- After updating the firmware,會出現「Save as a Default firmware/Backup firmware/Run image without saving?(D/B/R)」,輸入 D。
設備會自己重開機,To complete the firmware update action。
之後有遇到ping的到但無法顯示管理頁面的問題,測試到後來才發現原來是手邊的IE跟Firefox版本都太舊,After the normal update。
[Links]
- Fortinet Firmware Upgrade @ 有「模」有樣 :: 痞 客 邦 PIXNET ::
- Fred的工作紀錄: Fortigate Reset Password & Factory reset & Firmware upgrade
