How to Install FortiMail Firmware Using the CLI


When installing the latest firmware or older firmware you can use with the web UI or the CLI. This recipe provides detailed instructions on how to install the firmware of your FortiMail unit using the CLI.

Go to the FortiMail support site for the latest firmware.Important: Whether you’re upgrading or downgrading your firmware, it is good practice to back up the configuration and mail data. For backup instructions, consult the FortiMail Administrator Guide under “Backup and Restore” (20).

Important: If you are upgrading, it is especially important to note that the upgrade process may require a specific path. Very old versions of the firmware may not be supported by the configuration upgrade scripts that are used by the newest firmware. As a result, you may need to upgrade to an intermediate version of the firmware first, before upgrading to your intended version. Upgrade paths are described in the Release Notes.

Connecting the Hardware

  1. Connect your computer to the FortiMail console port using a RJ-45 to DB-9 serial cable or a null-modem cable.
  2. Initiate a connection from your computer to the CLI of the FortiMail unit and log in as an administrator.
  3. Connect port1 of the FortiMail unit directly to the same subnet as a TFTP server.

Installing the Firmware

  1. Copy the new firmware image file to the root directory of the TFTP server.
  2. Verify connectivity in the CLI by entering the following command:
    execute ping
    where is the IP address of the TFTP server.
  3. Download the firmware image from the TFTP server by entering the following command:
    execute restore image tftp
    where <name_str> is the name of the firmware image file and <tftp-ipv4> is the IP address of the TFTP server.
  4. Execute the restore action by entering the following command:
    execute restore image tftp image.out
    Replace the current firmware version by selecting y.
  5. Clear your web browser cache and restart the browser to ensure it reloads the web UI.
  6. Verify that the firmware was successfully installed by logging in to the CLI and typing:
    get system status
  7. Update the FortiGuard Antivirus definitions. Installing firmware replaces the current antivirus definitions with those included with the firmware releases that you are installing.

Reconnecting to the FortiMail Unit

If you downgrade to a previous version, the FortiMail unit reverts to default settings. If this occurs, you can reconnect to the CLI.

  1. Connect your computer to the FortiMail console port using a RJ-45 to DB-9 serial cable or a null modem cable.
  2. Start HyperTeminal and enter a name for the connection. Select OK.
  3. Configure HyperTerminal to connect directly to the communications port on your computer and select OK.
  4. Enter the following port settings and select OK.
    Bits per second 9600
    Data bits 8
    Parity None
    Stop bits 1
    Flow control None
  5. Press Enter to connect to the FortiMail CLI and type “admin” and press Enter twice.
  6. Enter the following command when the “Welcome!” prompt apepars
    set system interface <interface_str> mode static ip <address_ip4> <mask_ipv4>
    <interface_str> is the name of the network interface
    <address_ip4> is the IP address of the network interface
    <mask_ip4> is the netmask of the network interface
  7. Enter the following command:
    set system interface <interface_str> config allowaccess <accessmethods_str>
    <interface_str> is the name of the network interface configured in the previous step
    <accessmethods_str> is a space-delimited list of administrative access protocols that you want to allow on the network interface

 Restoring the Configuration

If you wish to restore a backup copy of an older configuration from your PC follow the procedure below in the web UI.

  1. Go to Maintenance > System > Configuration.
  2. Select Local PC under Restore Configuration.
  3. Select Browse and select the desired configuration file.
  4. Select Restore.