advertisement
Rebooting, resetting, and shutting down the system Chapter 12: System Management
Connect to tftp server 192.0.2.1 ...
Please wait...
##############################################################
Get image from tftp server OK.
Check image trailer OK.
Check image OK.
FortiADC-VM #
The following example shows a downgrade:
FortiADC-VM # execute restore image tftp FAD_VM-v400-build0307-FORTINET.out 192.0.2.1
This operation will replace the current firmware version!
Do you want to continue? (y/n)y
Connect to tftp server 192.0.2.1 ...
Please wait...
#############################################################
Get image from tftp server OK.
Check image trailer OK.
This operation will downgrade the current firmware version!
Do you want to continue? (y/n)y
FortiADC-VM #
6. To verify the upgrade, display the system version number:
FortiADC-VM # get system status
Version: FortiADC-VM v4.2.0,build0307,150209
VM Registration: Valid: License has been successfully authenticated with registration servers.
VM License File: License file and resources are valid.
VM Resources: 1 CPU/1 allowed, 1620 MB RAM/2048 MB allowed, 23 GB Disk/1024 GB allowed
...
If the download fails after the integrity check with the error message invalid compressed format (err=1 , but the firmware matches the integrity checksum on the Fortinet Customer Service & Support website, try a different TFTP server.
Rebooting, resetting, and shutting down the system
The following items have the indicated usage: l l l
Reboot—Reboots the operating system.
Reset—Resets the configuration to the default factory values.
Shut Down—Shuts down the system. When the system is shut down, it is unavailable to forward traffic.
Do not unplug or switch off the FortiADC appliance without first shutting down the operating system. The shutdown process enables the system to finish writing any buffered data, and to correctly spin down and park the hard disks. Failure to do so could cause data loss and hardware problems.
To reboot the system:
Do one of the following:
FortiADC D-Series Handbook
Fortinet Technologies, Inc.
267
advertisement
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
advertisement
Table of contents
- 13 Features
- 13 Basic network topology
- 14 Scope
- 16 FortiADC 4.6.1
- 16 FortiADC 4.6.0
- 18 FortiADC 4.5.3
- 18 FortiADC 4.5.2
- 18 FortiADC 4.5.1
- 19 FortiADC 4.5.0
- 20 FortiADC 4.4.0
- 21 FortiADC 4.3.1
- 21 FortiADC 4.3.1
- 22 FortiADC 4.3.0
- 23 FortiADC 4.2.3
- 23 FortiADC 4.2.1
- 23 FortiADC 4.2.0
- 24 FortiADC 4.1
- 24 FortiADC 4.0 Patch 2
- 24 FortiADC 4.0 Patch 1
- 24 FortiADC 4.0
- 25 FortiADC 3.2.0
- 25 FortiADC 3.1.0
- 26 FortiADC 3.0.0
- 26 FortiADC 2.1.0
- 27 Server load balancing
- 27 Feature Summary
- 28 Authentication
- 28 Caching
- 29 Compression
- 29 Content rewriting
- 29 Content routing
- 29 Scripting
- 29 SSL transactions
- 30 Link load balancing
- 30 Global load balancing
- 30 Security
- 30 High availability
- 31 Virtual domains
- 32 Step 1: Install the appliance
- 33 Step 2: Configure the management interface
- 36 Step 3: Configure basic network settings
- 40 Step 4: Test connectivity to destination servers
- 40 Step 5: Complete product registration, licensing, and upgrades
- 42 Step 6: Configure a basic server load balancing policy
- 45 Step 7: Test the deployment
- 48 Step 8: Back up the configuration
- 50 Server load balancing basics
- 53 Server load balancing configuration overview
- 56 Configuring real server SSL profiles
- 61 Using real server pools
- 61 Configuring real server pools
- 66 Example: Using port ranges and the port 0 configuration
- 67 Configuring persistence rules
- 73 Configuring content routes
- 75 Using content rewriting rules
- 75 Overview
- 76 Configuring content rewriting rules
- 78 Example: Redirecting HTTP to HTTPS
- 86 Example: Rewriting the HTTP response when using content routing
- 88 Example: Rewriting the HTTP request and response to mask application details
- 90 Example: Rewriting the HTTP request to harmonize port numbers
- 91 Configuring compression rules
- 93 Using caching features
- 93 Static caching
- 95 Dynamic caching
- 95 Configuring caching rules
- 97 Configuring Application profiles
- 121 Configuring error pages
- 121 Using source pools
- 122 Configuring source pools
- 124 Example: DNAT
- 125 Example: full NAT
- 126 Example: NAT46 (Layer 4 virtual servers)
- 128 Example: NAT64 (Layer 4 virtual servers)
- 130 Example: NAT46 (Layer 7 virtual servers)
- 132 Example: NAT64 (Layer 7 virtual servers)
- 133 Configuring auth policies
- 135 Configuring methods
- 136 Configuring an L2 exception list
- 137 Using the Web Category tab
- 138 Creating a Web Filter Profile configuration
- 138 Configuring virtual servers
- 144 TCP multiplexing
- 145 Using scripts
- 146 Create a script object
- 146 Import a script
- 146 Export a script
- 147 Delete a script
- 148 Link load balancing basics
- 148 Using link groups
- 149 Using virtual tunnels
- 151 Link load balancing configuration overview
- 153 Configuring gateway links
- 154 Configuring persistence rules
- 156 Configuring proximity route settings
- 158 Configuring a link group
- 160 Configuring a virtual tunnel group
- 162 Configuring link policies
- 164 Global load balancing basics
- 166 Global load balancing configuration overview
- 168 Configuring servers
- 171 Configuring a global load balance link
- 172 Configuring data centers
- 173 Configuring hosts
- 174 Configuring virtual server pools
- 176 Configuring dynamic proximity
- 177 Configuring persistence
- 178 Configuring an address group
- 179 Configuring remote DNS servers
- 180 Configuring the DSSET list
- 180 Configuring DNS zones
- 184 Configuring DNS64
- 185 Configuring the response rate limit
- 186 onfiguring a Global DNS policy
- 187 Configuring general settings
- 189 Configuring the trust anchor key
- 190 Security features basics
- 190 Managing IP Reputation policy settings
- 192 Configure IP reputation exception
- 193 Using the Geo IP block list
- 194 Using the Geo IP whitelist
- 195 Enabling denial of service protection
- 196 Configuring a firewall policy
- 197 Configuring the firewall connection limit
- 199 Web application firewall basics
- 200 Web application firewall configuration overview
- 201 Predefined configuration elements
- 201 Severity
- 201 Exceptions
- 201 Configuring a WAF Profile
- 203 Configuring a Web Attack Signature policy
- 208 Configuring a URL Protection policy
- 209 Configuring an HTTP Protocol Constraint policy
- 213 Configuring an SQL/XSS Injection Detection policy
- 215 Configuring WAF Exception objects
- 216 Configuring a Bot Detection policy
- 219 Configuring user groups
- 220 Using the local authentication server
- 221 Using an LDAP authentication server
- 222 Using a RADIUS authentication server
- 223 Using Kerberos Authentication Relay
- 223 Authentication Workflow
- 223 Step 1: Client authentication
- 224 Step 2: Client service authorization
- 224 Step 3: Client service request
- 224 FortiADC Kerberos authentication implementation
- 225 Configure Authentication Relay (Kerberos)
- 225 Configure SAML authentication
- 226 Import IDP metadata
- 226 Configure SAML authentication
- 228 Configuring health checks
- 235 Creating schedule groups
- 236 Creating IPv4 address objects
- 237 Configuring IPv4 address groups
- 238 Creating IPv6 address objects
- 239 Configuring IPv6 address groups
- 240 Managing ISP address books
- 242 Create an ISP address book object
- 243 Creating service objects
- 244 Creating service groups
- 246 Configuring network interfaces
- 246 Using physical interfaces
- 247 Using VLAN interfaces
- 247 Using aggregate interfaces
- 248 Configuring network interfaces
- 253 Configuring static routes
- 254 Configuring policy routes
- 256 Configuring basic system settings
- 257 Configuring system time
- 259 Configuring an SMTP mail server
- 259 Configuring FortiGuard service settings
- 261 Pushing/pulling configurations
- 262 Backing up and restoring the configuration
- 263 Updating firmware
- 264 Upgrade considerations
- 264 Updating firmware using the web UI
- 266 Updating firmware using the CLI
- 267 Rebooting, resetting, and shutting down the system
- 268 Create a traffic group
- 269 Create a traffic group via the command line interface
- 269 Create a traffic group from the Web GUI
- 270 Create administrator users
- 272 Configure access profiles
- 275 Enable password policies
- 276 Configuring SNMP
- 277 Download SNMP MIBs
- 278 Configure SNMP threshold
- 278 Configure SNMP v1/v2
- 280 Configure SNMP v3
- 281 Manage and validate certificates
- 282 Overview
- 282 Prerequisite tasks
- 283 Manage certificates
- 284 Generating a certificate signing request
- 286 Importing local certificates
- 288 Creating a local certificate group
- 288 Importing intermediate CAs
- 289 Creating an intermediate CA group
- 290 Validating certificates
- 290 Configure a certificate verification object
- 293 Importing CRLs
- 294 Adding OCSPs
- 296 Importing remote certificates
- 297 Importing CAs
- 298 Creating a CA group
- 300 Using the event log
- 307 Using the security log
- 313 Using the *traffic log
- 321 Configuring local log settings
- 323 Configuring syslog settings
- 325 Configuring high speed logging
- 326 Enabling real-time statistics
- 327 Configuring alert email settings
- 328 Configuring an alert email recipient
- 328 Configuring reports
- 329 Configuring Report Queries
- 332 Configuring fast reports
- 333 Using reports
- 334 Display logs via CLI
- 335 HA feature overview
- 339 HA system requirements
- 340 HA synchronization
- 341 Configuring HA settings
- 346 Monitoring an HA cluster
- 348 Updating firmware for an HA cluster
- 349 Deploying an active-passive cluster
- 349 Overview
- 351 Basic steps
- 351 Best practice tips
- 351 Deploying an active-active cluster
- 352 Configuration overview
- 353 Basic steps
- 354 Expected behavior
- 354 Traffic to TCP virtual servers
- 358 Traffic to HTTP virtual servers
- 360 FTP traffic and traffic processed by firewall rules
- 363 Best practice tips
- 363 Advantages of HA Active-Active-VRRP
- 363 Deploying an active-active-VRRP cluster
- 364 Configuration overview
- 365 Basic steps
- 366 Best practice tips
- 368 Virtual domain basics
- 368 Enabling the virtual domain feature
- 369 Creating virtual domains
- 369 Assigning network interfaces and admin users to VDOMs
- 370 Virtual domain policies
- 371 Disabling virtual domains
- 372 SSL offloading
- 374 SSL decryption by forward proxy
- 374 Layer 7 deployments
- 376 Layer 2 deployments
- 377 Profile configurations
- 381 Certificate guidelines
- 381 SSL/TLS versions and cipher suites
- 385 Exceptions list
- 385 SSL traffic mirroring
- 387 Configure source NAT
- 389 Configure source NAT
- 392 Configure 1-to-1 NAT
- 394 QoS
- 395 Configuring a QoS queue
- 395 Configuring the QoS filter
- 396 Configuring the QoS IPv6 filter
- 397 ISP routes
- 398 BGP
- 398 How BGP works
- 398 IBGP vs. EBGP
- 402 Access list vs. prefix list
- 403 Configuring an IPv4 access list
- 403 Configuring an IPv6 access list
- 404 Configuring an IPv4 prefix list
- 405 Configuring an IPv6 prefix list
- 405 OSPF
- 409 Reverse path route caching
- 411 Packet capture
- 413 Regular backups
- 413 Security
- 414 Topology
- 414 Administrator access
- 415 Performance tips
- 415 System performance
- 415 Reducing the impact of logging on performance
- 415 Reducing the impact of reports on system performance
- 415 Reducing the impact of packet capture on system performance
- 416 High availability
- 417 Logs
- 417 Tools
- 417 execute commands
- 418 diagnose commands
- 419 System dump
- 420 Packet capture
- 421 Diff
- 422 Solutions by issue type
- 422 Login issues
- 423 Connectivity issues
- 423 Checking hardware connections
- 423 Checking routing
- 427 Examining the routing table
- 427 Examining server daemons
- 427 Checking port assignments
- 427 Performing a packet trace
- 428 Checking the SSL/TLS handshake & encryption
- 428 Resource issues
- 428 Monitoring traffic load
- 429 DoS attacks
- 429 Resetting the configuration
- 429 Restoring firmware (“clean install”)
- 432 Additional resources
- 435 Status
- 436 Data Analytics
- 437 Server load balance
- 437 Select a display option
- 438 Filter virtual servers onscreen
- 439 Add virtual servers
- 439 Link load balance
- 439 Global load balance
- 440 HA status
- 441 Session monitoring
- 446 Events and actions
- 446 Predefined Commands
- 452 Control structures
- 452 Operators
- 453 String library
- 454 Examples
- 454 Select content routes based on URI string matches
- 455 Rewrite the HTTP request host header and path
- 456 Rewrite the HTTP response Location header
- 456 Redirect HTTP to HTTPS using Lua string substitution
- 456 Redirect mobile users to the mobile version of a website