tftp 사용하여 펌웨어 복구

중고로 100D 장비를 구매했습니다.

가져오자마자 패스워드 설정이 되어 있어 초기화 한답시고 매뉴를 잘못 눌러 부팅 디스크를 포멧 했네요.

덕분에 사용해보지도 않던 기능을 사용해 보았습니다.

 

Windows 10에서 tftp 서버 만들기

tftpd64.exe 검색하셔서 다운로드 받고, 바로 실행하시면 됩니다.

실행 자체가 tftp 서버의 설정이 되는 것이며, firmware 파일이 있는 폴더를 소스 폴더로 설정해 주세요.

IP 설정은 TFTP 서버 설정에 맞는 인터페이스를 선택해 주시면 됩니다.

업로드 할 펌웨어 파일명도 폴더에 있는 이름과 동일하게 설정이 필요합니다.

 

fortigate disk 날려먹기

FortiGate-100D (17:36-08.07.2014)
Ver:05000006
Serial number:FG100D3G000000000
RAM activation
CPU(00:000106ca bfebfbff): MP initialization
CPU(01:000106ca bfebfbff): MP initialization
CPU(02:000106ca bfebfbff): MP initialization
CPU(03:000106ca bfebfbff): MP initialization
Total RAM: 4096MB
Enabling cache...Done.
Scanning PCI bus...Done.
Allocating PCI resources...Done.
Enabling PCI resources...Done.
Zeroing IRQ settings...Done.
Verifying PIRQ tables...Done.
Boot up, boot device capacity: 15272MB.
Press any key to display configuration menu...
...
[C]:  Configure TFTP parameters.
[R]:  Review TFTP parameters.
[T]:  Initiate TFTP firmware transfer.
[F]:  Format boot device.
[B]:  Boot with backup firmware and set as default.
[I]:  System information.
[Q]:  Quit menu and continue to boot.
[H]:  Display this list of options.

Enter C,R,T,F,B,I,Q,or H: F

All data will be erased,continue:[Y/N]? Y
FortiGate-100D (17:36-08.07.2014)
Ver:05000006
Serial number:FG100D3G00000000
RAM activation
CPU(00:000106ca bfebfbff): MP initialization
CPU(01:000106ca bfebfbff): MP initialization
CPU(02:000106ca bfebfbff): MP initialization
CPU(03:000106ca bfebfbff): MP initialization
Total RAM: 4096MB
Enabling cache...Done.
Scanning PCI bus...Done.
Allocating PCI resources...Done.
Enabling PCI resources...Done.
Zeroing IRQ settings...Done.
Verifying PIRQ tables...Done.
Boot up, Initialize boot device failed.

 

TFTP 서버를 이용하여 펌웨어 복구(재설치) 하기

FortiGate-100D (17:36-08.07.2014)
Ver:05000006
Serial number:FG100D3G00000000
RAM activation
CPU(00:000106ca bfebfbff): MP initialization
CPU(01:000106ca bfebfbff): MP initialization
CPU(02:000106ca bfebfbff): MP initialization
CPU(03:000106ca bfebfbff): MP initialization
Total RAM: 4096MB
Enabling cache...Done.
Scanning PCI bus...Done.
Allocating PCI resources...Done.
Enabling PCI resources...Done.
Zeroing IRQ settings...Done.
Verifying PIRQ tables...Done.
Boot up, boot device capacity: 15272MB.
Press any key to display configuration menu...
.....
[C]:  Configure TFTP parameters.
[R]:  Review TFTP parameters.
[T]:  Initiate TFTP firmware transfer.
[F]:  Format boot device.
[B]:  Boot with backup firmware and set as default.
[I]:  System information.
[Q]:  Quit menu and continue to boot.
[H]:  Display this list of options.

Enter C,R,T,F,B,I,Q,or H: C

[P]:  Set image download port.
[D]:  Set DHCP mode.
[I]:  Set local IP address.
[S]:  Set local subnet mask.
[G]:  Set local gateway.
[V]:  Set local VLAN ID.
[T]:  Set remote TFTP server IP address.
[F]:  Set firmware image file name.
[E]:  Reset TFTP parameters to factory defaults.
[R]:  Review TFTP parameters.
[N]:  Diagnose networking (ping).
[Q]:  Quit this menu.
[H]:  Display this list of options.

Enter P,D,I,S,G,V,T,F,E,R,N,Q or H: I

Enter local IP address [192.168.1.66]:192.168.0.18

Enter P,D,I,S,G,V,T,F,E,R,N,Q or H: S

Input local subnet mask [255.255.255.0]:

Enter P,D,I,S,G,V,T,F,E,R,N,Q or H: G

Enter local gateway IP address [192.168.1.254]:192.168.0.1

Enter P,D,I,S,G,V,T,F,E,R,N,Q or H: T

Enter remote TFTP server IP address [192.168.1.168]:192.168.0.54

Enter P,D,I,S,G,V,T,F,E,R,N,Q or H: F

Enter firmware file name [image.out]: 6.2.12-FGT_100D-v6-build1319-FORTINET.out

Enter P,D,I,S,G,V,T,F,E,R,N,Q or H: R

Image download port:    MGMT
DHCP status:            disabled
Local VLAN ID:          none
Local IP address:       192.168.0.18
Local subnet mask:      255.255.255.0
Local gateway:          192.168.0.1
TFTP server IP address: 192.168.0.54
Firmware file name:     6.2.12-FGT_100D-v6-build1319-FORTINET.out

Enter P,D,I,S,G,V,T,F,E,R,N,Q or H: N

[1]:  Ping remote TFTP server.
[2]:  Ping gateway.
[3]:  Ping specified IP address.
[Q]:  Quite the menu.
[H]:  Display the list of opinion.

Enter 1,2,3,Q or H: 1
Begin to send ICMP packets:
Press ESC to abort ping action.

Reply from 192.168.0.54: time=67ms ttl=128
Reply from 192.168.0.54: time=50ms ttl=128
Reply from 192.168.0.54: time=107ms ttl=128
Reply from 192.168.0.54: time=73ms ttl=128
Reply from 192.168.0.54: time=50ms ttl=128
Successfully receive 5 of out 5 packets from 192.168.0.54.

Enter 1,2,3,Q or H: Q

Enter P,D,I,S,G,V,T,F,E,R,N,Q or H: Q

[C]:  Configure TFTP parameters.
[R]:  Review TFTP parameters.
[T]:  Initiate TFTP firmware transfer.
[F]:  Format boot device.
[B]:  Boot with backup firmware and set as default.
[I]:  System information.
[Q]:  Quit menu and continue to boot.
[H]:  Display this list of options.

Enter C,R,T,F,B,I,Q,or H: T

Please connect TFTP server to Ethernet port "MGMT".

Initiating firmware TFTP Transfer...

MAC:         90:6C:AC:00:00:00
.#########################################################
Total 60581933 bytes data downloaded.
Verifying the integrity of the firmware image.

Total 262144kB unzipped.
Save as Default firmware/Backup firmware/Run image without saving:[D/B/R]? D
Programming the boot device now.
................................................................................................................................................................................................................................................................
Reading boot image 2721475 bytes.
Initializing firewall...
System is starting...
Resizing shared data partition...done
Formatting shared data partition ... done!
Starting system maintenance...
Scanning /dev/sdb1... (100%)
Scanning /dev/sdb3... (100%)

System storage='Internal' disk-usage changed, please 'execute disk format 255'.


Disk usage changed, please wait for reboot...

Formatting the disk...
- unmounting /data2 :  ok
- unmounting /var/log :  ok
Partitioning and formatting /dev/sda label LOGUSEDX2C5B29F6 ... done


The system is going down NOW !!

Please stand by while rebooting the system.
Restarting system.
FortiGate-100D (17:36-08.07.2014)
Ver:05000006
Serial number:FG100D3G00000000
RAM activation
CPU(00:000106ca bfebfbff): MP initialization
CPU(01:000106ca bfebfbff): MP initialization
CPU(02:000106ca bfebfbff): MP initialization
CPU(03:000106ca bfebfbff): MP initialization
Total RAM: 4096MB
Enabling cache...Done.
Scanning PCI bus...Done.
Allocating PCI resources...Done.
Enabling PCI resources...Done.
Zeroing IRQ settings...Done.
Verifying PIRQ tables...Done.
Boot up, boot device capacity: 15272MB.
Press any key to display configuration menu...
......

Reading boot image 2721475 bytes.
Initializing firewall...
System is starting...


FortiGate-100D login:

 

fortigate 초기 패스워드 재설정하기

기본 설정: admin

패스워드: 없음

FortiGate-100D login: admin
Password:
You are forced to change your password, please input a new password.
New Password:*****
Confirm Password:*****
Welcome!

FortiGate-100D #

 

fortigate 패스워드를 모를 경우 (재부팅 후 1분 이내 접속 가능)

ID: maintainer

PW: bcpb<씨리얼 넘버>

*씨리얼 넘버: 장비 재부팅할때 3번째 줄에 보입니다.

 확인은 못해 봤지만, Forti 7.2.4 버전부터는 삭제되었다는 글귀를 보았습니다.

FortiGate-100D login: maintainer
Password: ********************
Welcome!

FortiGate-100D # config system admin

FortiGate-100D (admin) # edit <변경할 ID>

FortiGate-100D (admin) # set password <변경할 패스워드>

FortiGate-100D (admin) # end

FortiGate-100D # exit

FortiGate-100D login: