manualshive.com logo in svg

Fortinet FortiGate FortiGate-5005-DIST, Getting Started

Share
Download
Fortinet FortiGate FortiGate-5005-DIST Getting Started Download Page 32

FortiGate-5005-DIST Security System   Getting Started

32

01-30000-0414-20070615

Installing FortiGate-5005-DIST firmware

Hardware procedures

You also install FortiGate-5005FA2 DIST firmware on the primary I/O module. The 
primary I/O module synchronizes this firmware to all FortiGate-5005FA2 modules. 
This happens even if the FortiGate-5005FA2 modules are running newer firmware 
versions. Also, if different FortiGate-5005FA2 modules are running different 
firmware versions, the system synchronizes them all to run the worker firmware 
version installed on the primary I/O module.

FortiController-5208 modules are shipped with FortiController-5208 and 
FortiGate-5005FA2 firmware installed. So, as you are installing your 
FortiGate-5005-DIST hardware, the system synchronizes all firmware to the 
versions installed on the primary I/O module.

If the FortiGate-5005FA2 firmware is missing from the primary I/O module, the 
FortiGate-5005FA2 modules will keep running their current firmware versions until 
you install FortiGate-5005FA2 worker module firmware on the primary I/O module.

You can view the current FortiController-5208 and FortiGate-5005FA2 firmware 
versions installed on the primary I/O module from the primary I/O module CLI or 
web-based manager. 

Viewing the currently installed firmware versions

Upgrading I/O module firmware

Upgrading worker module firmware installed on the primary I/O module

Viewing the currently installed firmware versions

You can view the currently installed I/O module and worker module firmware from 
the web-based manager or from the I/O module CLI.

To view the current firmware versions from the web-based manager

1

From the I/O module web-based manager go to 

System > Status

.

2

On the IO Blade status list view the I/O blade firmware version and the worker 
firmware version.

To view the current firmware versions from the CLI

1

To view the FortiController-5208 firmware version enter the command:

get system status

2

To view the FortiGate-5005FA2 firmware version enter the following command to 
connect to the worker CLI:

execute worker manage

 

3

Then to view the FortiGate-5005FA2 DIST firmware version enter the following 
command:

get system status

 

Upgrading I/O module firmware

Use the following procedures to upgrade the I/O module to a newer firmware 
version.

To upgrade the I/O module firmware using the web-based manager

1

Copy the firmware image file to your management computer.

2

Log into the I/O module web-based manager as the super admin, or an 
administrator account that has system configuration read and write privileges.

Summary of Contents for FortiGate FortiGate-5005-DIST

Page 1: ...IC BASE USB USB 3 4 1 2 5 6 7 8 OOS ACC STATUS IPM CONSOLE ACT ACT LINK LINK FABRIC BASE USB USB 3 4 1 2 5 6 7 8 OOS ACC STATUS IPM CONSOLE ACT ACT LINK LINK FABRIC BASE USB USB 3 4 1 2 5 6 7 8 OOS AC...

Page 2: ...ate 5000 series component in a closed or multi unit rack assembly the operating ambient temperature of the rack environment may be greater than room ambient Make sure the operating ambient temperature...

Page 3: ...CLI or web based manager 13 Configuring the primary I O module 14 Installing FortiGate 5005FA2 worker modules 15 Installing FortiGate 5005FA2 modules 16 Verifying that FortiGate 5005FA2 modules can c...

Page 4: ...urrently installed firmware versions 34 Upgrading I O module firmware 34 Upgrading worker module firmware installed on the primary I O module 36 Upgrading FortiController 5208 NPU firmware 37 For more...

Page 5: ...ic to the worker modules The worker modules provide FortiGate security system functions including firewall VPN IPS antivirus antispam and so on The following topics are included in this section Basic...

Page 6: ...100 link Act ETH0 Service RESET STATUS Hot Swap link Act ETH0 ETH1 10 100 5000SM 10 100 link Act ETH0 Service RESET STATUS Hot Swap link Act ETH0 ETH1 10 100 5000SM PAYLOAD OPERATION STATUS IPM X 1 X...

Page 7: ...led in slot 2 The worker modules apply all of the FortiGate security system functionality to traffic passing through the FortiGate 5005 DIST security system Traffic is distributed to the worker module...

Page 8: ...5140 CRITICAL RESET MAJO R MINOR USER1 USER2 USER3 5140SAP SERIAL 1 SERIAL 2 ALARM FILTER 1 2 0 1 2 10 100 link Act ETH0 Service RESET STATUS Hot Swap link Act ETH0 ETH1 10 100 5000SM 10 100 link Act...

Page 9: ...for the interfaces of the primary I O module installed in chassis slot 1 and 2 for the interfaces of the secondary I O module installed in chassis slot 2 The interfaces for the secondary I O module o...

Page 10: ...ntroller 5208 location FortiController 5208 front panel interface names Web based manager and CLI interface names Primary FortiController 5208 module installed in chassis slot 1 X1 port1_X1 X2 port1_X...

Page 11: ...ary I O module will connect with all components and after a few minutes the system will be operational However the first time you install a FortiGate 5005 DIST system you should follow the procedures...

Page 12: ...Verify that the chassis is operating normally Installing FortiController 5208 modules If your FortiGate 5005 DIST security system includes one FortiController 5208 module it must be installed in slot...

Page 13: ...3 Install SFP and XFP transceivers in the front panel interfaces of your FortiController 5208 I O module as required Connecting to the FortiController 5208 CLI or web based manager The following proce...

Page 14: ...he management computer to 192 168 1 2 and the netmask to 255 255 255 0 3 To access the web based manager start Internet Explorer on the management computer and browse to https 192 168 1 99 remember to...

Page 15: ...primary I O module If you have installed a FortiController 5208 module in slot 2 the module in slot 2 recognizes that the FortiController 5208 module in slot 1 is the primary I O module The FortiContr...

Page 16: ...ware on a FortiGate 5005FA2 module Installing FortiGate 5005FA2 modules This procedure describes how to install FortiGate 5005FA2 modules in a FortiGate 5005 DIST chassis This procedure also describes...

Page 17: ...ng in a FortiGate 5140 chassis with worker modules installed in chassis slots 6 and 10 The message indicates that both worker modules are operating in DIST mode and have successfully connected to the...

Page 18: ...appear in the list use the procedure To view the status of FortiGate 5005FA2 modules from the FortiGate 5005FA2 CLI on page 18 to verify the status of each module and determine a course of action for...

Page 19: ...and configured correctly In particular confirm the I O module in slot 1 is configured as the primary For details see To configure the primary I O module on page 15 If this does not solve the problem...

Page 20: ...ult firmware H Display this list of options Enter G F B I Q or H 5 Enter B The FortiGate 5005FA2 module exchanges the backup and default firmware and then restarts If the DIST firmware was installed i...

Page 21: ...system has two I O modules installed or slot 2 and above if one I O module is installed The FortiController 5208 module s should also have the appropriate XFP and SFP transceivers installed The module...

Page 22: ...erforms network address translation before IP packets are sent to the destination network In Route mode no translation takes place Figure 7 Example FortiGate 5005 DIST system operating in NAT Route mo...

Page 23: ...e the FortiGate module Web based manager The FortiGate web based manager is an easy to use management tool Use the web based manager to configure the FortiGate administrator password the interface add...

Page 24: ...re the FortiGate security system for your network add an administrator password change the network interface IP addresses add DNS server IP addresses and if required configure basic routing Note Conne...

Page 25: ..._____ _____ Netmask _____ _____ _____ _____ Management mng IP _____ _____ _____ _____ Netmask _____ _____ _____ _____ Secondary I O module interfaces X1 port2_X1 IP _____ _____ _____ _____ Netmask ___...

Page 26: ...le web based manager go to System Network Interface 2 Select the edit icon for the mng interface 3 Enter the IP address and netmask for the interface To configure interfaces 1 Go to Worker Blade Syste...

Page 27: ...t 6 Configure the port1_X1 interface execute worker manage config system interface edit port1_X1 set ip intf_ip netmask_ip end exit 7 Repeat to configure each interface as required for example to conf...

Page 28: ...Worker Blade System Status and select the Change link beside Operation Mode NAT 2 Set Operation Mode to Transparent 3 Set the Management IP Netmask to 192 168 1 99 24 4 Set the default Gateway to 192...

Page 29: ...sparent mode 1 Use the serial cable supplied with your FortiController 5208 module to connect the FortiController 5208 Com 2 port to the management computer serial port 2 Start a terminal emulation pr...

Page 30: ...rtiGate 5005 DIST system 1 Connect to the primary I O module and shut down the worker modules execute worker shutdown 2 If present shut down the secondary I O module execute secondary io execute shutd...

Page 31: ...O blade During this startup time the FortiGate 5005 DIST system cannot process traffic To start a configured FortiGate 5005 DIST system 1 Connect and turn on power to the chassis 2 Fully insert all mo...

Page 32: ...ary I O module from the primary I O module CLI or web based manager Viewing the currently installed firmware versions Upgrading I O module firmware Upgrading worker module firmware installed on the pr...

Page 33: ...he CLI 4 Make sure the I O module can connect to the TFTP server You can use the following command to ping the computer running the TFTP server For example if the IP address of the TFTP server is 192...

Page 34: ...og into the web based manager 8 Go to System Status and check the Firmware Version to confirm that the firmware upgrade is successfully installed Update antivirus and attack definitions To upgrade the...

Page 35: ...n recommended by Fortinet Customer Support you can use the following information to upgrade the firmware operating on FortiController 5208 module You must perform this procedure separately for each Fo...

Page 36: ...ntroller 5208 copies the firmware image from the TFTP server and installs the image on the FortiController 5208 NPU 5 Once the firmware has been installed you must restart the FortiController 5208 If...

Page 37: ...vailable from the Fortinet Knowledge Center The knowledge center contains troubleshooting and how to articles FAQs technical notes and more Visit the Fortinet Knowledge Center at http kc forticare com...

Page 38: ...rks Dynamic Threat Prevention System DTPS APSecure FortiASIC FortiBIOS FortiBridge FortiClient FortiGate FortiGate Unified Threat Management System FortiGuard FortiGuard Antispam FortiGuard Antivirus...

Reviews:

No comments

Brands by name

Popular brands

Load more brands