beautypg.com

Restoring the previous configuration, Testing a new firmware image before installing it – Fortinet FortiGate 50A User Manual

Page 61

background image

System status

Changing the FortiGate firmware

FortiGate-50A Installation and Configuration Guide

61

Restoring the previous configuration

Change the internal interface addresses if required. You can do this from the CLI
using the command:

set system interface
After changing the interface addresses, you can access the FortiGate unit from the
web-based manager and restore the configuration.

• To restore the FortiGate unit configuration, see

“Restoring system settings” on

page 64

.

• To restore NIDS user defined signatures, see

“Adding user-defined signatures” on

page 218

.

• To restore web content filtering lists, see

“Restoring the Banned Word list” on

page 233

and

“Uploading a URL block list” on page 236

• To restore email filtering lists, see

“Uploading the email banned word list” on

page 247

and

“Uploading an email block list” on page 249

.

If you are reverting to a previous firmware version (for example, reverting from
FortiOS v2.50 to FortiOS v2.36) you might not be able to restore your previous
configuration from the backup up configuration file.

Update the virus and attack definitions to the most recent version, see

“Manually

initiating antivirus and attack definitions updates” on page 75

.

Testing a new firmware image before installing it

You can test a new firmware image by installing the firmware image from a system
reboot and saving it to system memory. After completing this procedure the FortiGate
unit operates using the new firmware image with the current configuration. This new
firmware image is not permanently installed. The next time the FortiGate unit restarts,
it operates with the originally installed firmware image using the current configuration.
If the new firmware image operates successfully, you can install it permanently using
the procedure

“Upgrading to a new firmware version” on page 55

.

To run this procedure you:

• access the CLI by connecting to the FortiGate console port using a null-modem

cable,

• install a TFTP server that you can connect to from the FortiGate internal interface.

The TFTP server should be on the same subnet as the internal interface.

To test a new firmware image

1

Connect to the CLI using a null-modem cable and FortiGate console port.

2

Make sure the TFTP server is running.

3

Copy the new firmware image file to the root directory of the TFTP server.

4

Make sure that the internal interface is connected to the same network as the TFTP
server.
You can use the following command to ping the computer running the TFTP server.
For example, if the TFTP server's IP address is 192.168.1.168:
execute ping 192.168.1.168

See also other documents in the category Fortinet Hardware: