Skip to main content
laltuzar
Staff
laltuzar
Staff
September 2, 2025

Technical Tip: How to upload FortiSwitch images to FortiGate for firmware staging

  • September 2, 2025
  • 0 replies
  • 1213 views
Description

 

This article describes the commands to upload FortiSwitch images to FortiGate for firmware staging. This step was omitted on Upgrading MCLAG peer group switches from FortiSwitchOS 7.4.2 and earlier to FortiSwitchOS 7.4.3 and later, and Upgrading MCLAG topologies, so it is a bit confusing on how to continue.

 

This article also describes the steps to stage an image directly on FortiSwitch.

 

Scope

 

FortiOS v7.0 and newer.

FortiSwitch OS v7.0 and newer.

 

Solution

 

Scenario 1. Uploading FortiSwitchOS firmware to FortiGate.

To upload a firmware image to FortiGate using FTP or TFTP servers, execute the commands below:

 

  • FTP server: 


FortiGate # execute switch-controller switch-software upload ftp <string> <ftp server>[:ftp port] <Enter>|<user>

 

  • TFTP server:


FortiGate # execute switch-controller switch-software upload tftp <string> <tftp server>

 

Example:

 

FortiSwitch firmware image uploaded to FortiGateFortiSwitch firmware image uploaded to FortiGate

 

After the image is successfully uploaded to FortiGate, the administrator can view it listed with the command below.

 

FortiGate # execute switch-controller switch-software list-available

 

Then, the administrator can continue staging the images. To stage the image to managed FortiSwitches, execute the following command:

 

FortiGate # execute switch-controller switch-software stage <all>|<sn>|<switch-group> 
all Stage image to all FortiSwitch devices.
sn Stage image to FortiSwitch device identified by serial number.
switch-group Stage image to FortiSwitch devices belonging to switch-group.

 

This process will trigger the staging of the images on the FortiSwitches. This means that the firmware will be uploaded from FortiGate to the selected FortiSwitches and will wait for them to be rebooted. Once it reboots, it will load the uploaded firmware. To check the upgrade status on FortiGate, execute the command below:

 

FortiGate # execute switch-controller get-upgrade-status

 

After the upgrade of both MCLAG FortiSwitches, it is recommended to delete the image uploaded to FortiGate to avoid rolling back to the current version on future upgrades.

 

To delete the image from FortiGate:

 

FortiGate # execute switch-controller switch-software delete <all>|<image-name>

 

Scenario 2. Uploading FortiSwitchOS firmware to FortiSwitch directly.

 

It is possible to upload the image directly to FortiSwitch as well:

  • FTP server:

 

FortiSwitch # execute stage image ftp <string> <ftp server>[:ftp port] [<FTP_user_name> <FTP password>

 

  • SFTP server:

 

FortiSwitch # execute stage image sftp <string> <sftp server>[:sftp port] <SFTP_user_name> <SFTP password>

 

  • TFTP server:

 

FortiSwitch # execute stage image tftp <string> <tftp server> [<source_IPv4_IPv6_address>]

 

Notes: 

  • On FortiGate devices equipped with a hard drive, it is possible to upload up to four firmware images for the same FortiSwitch model. In contrast, FortiGate devices that do not include a hard drive support uploading only a single firmware image per FortiSwitch model.
  • Uploading FortiSwitch images to FortiGate via SFTP is not supported.
Terms & ConditionsAccessibility statement