Troubleshooting Tip: FortiManager Firmware Upgrade Template messages showing 'failover to local FMG image'
| Description | This article describes how to disable failover to FortiGate firmware image from FortiManager if FortiGate does not have connectivity with FortiGuard. |
| Scope | FortiManager. |
| Solution | When upgrading FortiGate via FortiManager and FortiGuard is unreachable, the upgrade will fail over to get the FortiGate firmware image from FortiManager.
Example: In the Firmware Template, the option 'Let Device Download Firmware From FortiGuard' has been enabled:
When running the firmware template, the upgrade task shows that the upgrade was performed successfully:
Further drilling down into the Progress Report, the following messages can be seen where the license check failed (i.e., FortiGate is not able to connect to FortiGuard) and that it has failed over to image from FortiManager:
This can be disabled by configuring the following command in FortiManager:
config fmupdate fwm-setting set fds-failover-fmg disable end
The command above will disable the failover to image from FortiManager, and the upgrade will simply fail due to timeout:
|
