飞塔防火墙 Fortinet 固件6.23_1066升级到6.24_1112版本记录- 20200520

1.查看官方升级顺利:

https://customersso1.fortinet.com/saml-idp/login/?next=%2Fsaml-idp%2Flogin_process%2F

2.下载官方固件升级包:

https://support.fortinet.com/Download/FirmwareImages.aspx

3.备份本地设备配置文件到电脑:

4.重启进入Boot模式并格式化设备:

FortiGate-50E (17:37-01.31.2017)
Ver:05000016
Serial number: FGT50E
CPU(00): 1600MHz
Total RAM: 2GB
Initializing boot device...
Initializing MAC... egiga2
Please wait for OS to boot, or press any key to display configuration menu

[C]: Configure TFTP parameters.   //配置TFTP信息
[R]: Review TFTP parameters.   //查看TFTP配置,包含即将传输的固件名称;
[T]: Initiate TFTP firmware transfer.    //开始传输固件包到设备;
[F]: Format boot device.    //格式化设备;
[I]: System information.
[B]: Boot with backup firmware and set as default.  //启动备份固件并设为默认;
[Q]: Quit menu and continue to boot.  //退出并重启;
[H]: Display this list of options.

Enter C,R,T,F,I,B,Q,or H:

5.配置TFTP参数, 从TFTP服务器下载固件,并设为默认固件启动:

------------按"C"进入下列菜单, 设置TFTP信息:------------------

[P]: Set firmware download port.  //设置设备传输端口;
[D]: Set DHCP mode.    
[I]: Set local IP address.  //设备设备地址;
[S]: Set local subnet mask.   //设置本地掩码;
[G]: Set local gateway.   //设置网关(可选);
[V]: Set local VLAN ID.
[T]: Set remote TFTP server IP address.  //设置TFTP服务器地址;
[F]: Set firmware file name.   //设备TFTP服务器端的固件名称;
[E]: Reset TFTP parameters to factory defaults.
[R]: Review TFTP parameters.
[N]: Diagnose networking(ping).
[Q]: Quit this menu.
[H]: Display this list of options.

Enter P,D,I,S,G,V,T,F,E,R,N,Q,or H:

//选择"R"查看配置是否正确:

Image download port:    WAN2
DHCP status:            Disabled
Local VLAN ID:          <NULL>
Local IP address:       192.168.1.9
Local subnet mask:      255.255.255.0
Local gateway:          192.168.1.254
TFTP server IP address: 192.168.1.16
Firmware file name:     FGT_50E-v6-build1112-FORTINET.out

按 "T" //开始传输固件包到设备:

Please connect TFTP server to Ethernet port 'WAN2'.

MAC: 70:4c:a5:47:28:0e

Connect to tftp server 192.168.1.16 ...

##################################################################################
Image Received.
Checking image... OK
Save as Default firmware/Backup firmware/Run image without saving:[D/B/R]?d  //选择"D" 保存并设备默认;

Programming the boot device now.
............................................................
.............................................................
.............................................................
...............................................................
.............................................................
......................

Booting OS...

Reading boot image... 3055104 bytes.

6.配置接口地址登陆系统:

config system interface

edit "lan"
        set ip 10.1.1.10 255.255.255.0
        set allowaccess ping https ssh http fgfm fabric
        next

  end

7.导入备份的配置文件到系统并重启:

8.测试业务