
Fun times with Fortigate

This is still a problem outside of v4.0 MR1, apparently. :D

Seeing:
pid-34 lock_mlog()-555 shmget()failed: No such file or directory maxsize 0
Login fails at the serial console.

9600 8-n-1 off

You must interrupt normal boot, format partition(s), then load firmware. See Rollback procedure.
user: admin
password: [blank/no password]

For reference:

Subject: FortiGuard Update - Failed Reboot Condition
Released: 10 June 2011
Modified: 18 July 2011
Product: FortiGate

Description:

A FortiGate may fail to restart correctly after a power cycle or a software reboot if a FortiGuard update of either the IPS engine and its signatures or the AV engine and its signatures has been performed. After the update has successfully completed and a subsequent reboot is carried out, the FortiGate device may hang and traffic may not traverse through it. The following output may be seen on the console port:

__get_backdoor_timeout: Couldn't get shm
__set_backdoor_timeout: Couldn't get shm
__admindb_get_copy: Couldn't get admindb
 
 
Affected Products:

FortiGate devices running FortiOS v4.0 MR1 Patch Release 1 through to Patch Release 9, inclusive. The issue can occur, but is not specifically limited to, when IPS engine 1.230 or a later engine and signature package is loaded on the FortiGate; this can be verified with the following command:

FortiGate# get sys fortiguard-service status
NAME                VERSION LAST UPDATE          METHOD    EXPIRE
AV Engine           3.013  2009-08-13 15:44:00  manual    2012-01-03 00:00:00
Virus Definitions   13.309 2011-06-10 04:31:07  manual    2012-01-03 00:00:00
Extended set        0.000  2003-01-01 00:00:00  manual    2012-01-03 00:00:00
Attack Definitions  3.012  2011-06-10 04:31:07  manual    2012-01-03 00:00:00
IPS Attack Engine   1.230  2011-06-10 04:33:48  manual    2012-01-03 00:00:00

If the FortiGate is running one of the affected firmware versions listed above and the IPS engine is version 1.230 or a later release, it will also require specific attack definitions to be loaded to be susceptible to this issue.
 
Resolution:

Fortinet recommends the upgrade of the FortiOS version to v4.0 MR1 Patch Release 10 or a later release for all customers currently running FortiOS v4.0 MR1 Patch Release 1 through to Patch Release 9, inclusive, even if IPS is not used on the device.
Patch Release 10, v4.0, MR1 was released on June 20th, 2011 to correct the FortiOS corruption of shared memory issue.
If the FortiGate has been rebooted and is already in the hung state, recovery can be achieved by reloading the firmware image via a TFTP reload.

Lies!
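
An added example, not part of the original post or the Fortinet advisory: a Python check of the advisory's stated criteria against the `get sys fortiguard-service status` table it quotes. The function names, the `mr`/`patch` parameters (firmware release supplied by the caller) and the comparison of versions as dot-separated integers are assumptions; the advisory also requires unspecified attack definitions, so a match only means the stated firmware and engine conditions hold.

```python
import re

# Constructed sample: the status table quoted in the advisory above.
SAMPLE = """\
NAME               VERSION LAST UPDATE          METHOD    EXPIRE
AV Engine           3.013  2009-08-13 15:44:00  manual    2012-01-03 00:00:00
Virus Definitions   13.309 2011-06-10 04:31:07  manual    2012-01-03 00:00:00
Extended set        0.000  2003-01-01 00:00:00  manual    2012-01-03 00:00:00
Attack Definitions  3.012  2011-06-10 04:31:07  manual    2012-01-03 00:00:00
IPS Attack Engine   1.230  2011-06-10 04:33:48  manual    2012-01-03 00:00:00
"""

# Component names contain spaces, so anchor on the x.y version and timestamps.
TS = r"\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}"
ROW = re.compile(
    r"^\s*(?P<name>.+?)\s+(?P<version>\d+\.\d+)\s+"
    rf"(?P<updated>{TS})\s+(?P<method>\S+)\s+(?P<expire>{TS})\s*$"
)


def parse_status(text):
    """Return {component name: fields}; header and prompt lines do not match."""
    rows = {}
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            rows[m.group("name")] = m.groupdict()
    return rows


def version_tuple(version):
    """'1.230' -> (1, 230). Assumption: parts compare as integers."""
    return tuple(int(part) for part in version.split("."))


def matches_advisory(status_text, mr, patch):
    """True if FortiOS v4.0 MR<mr> Patch <patch> plus the reported IPS engine
    meet the advisory's stated conditions (MR1 Patch 1-9, engine >= 1.230)."""
    ips = parse_status(status_text).get("IPS Attack Engine")
    if ips is None:
        raise ValueError("IPS Attack Engine row not found in status output")
    firmware_hit = mr == 1 and 1 <= patch <= 9
    engine_hit = version_tuple(ips["version"]) >= (1, 230)
    return firmware_hit and engine_hit
```
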
