Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
adimailig
Staff & Editor
Staff & Editor

Created on ‎06-22-2023 09:22 PM Edited on ‎10-17-2025 01:23 AM By Community Manager

Article Id 261395

Technical Tip: How to cancel FortiGate upgrade using Fabric Management Page (Fabric Upgrade)

Description

This article describes that a FortiGate upgrade using Fabric Management can get stuck, which results in the Fabric Management page continuously loading. Buttons and options are not working on the GUI. 


Error: 'configuration errors encountered during the upgrade'.

It is not possible to cancel the fabric upgrade from the GUI as well.

 

Firmware_Upgrade_Hang_Fabric_Upgrade.png

 

image (39).png

 

image (39).png
Scope FortiGate.
Solution

Cancel the ongoing Fabric upgrade. To cancel the upgrade, use the CLI command below:


execute federated-upgrade cancel


This will cancel the upgrade. If the upgrade is immediate or scheduled to happen very soon, some nodes may have already gone down for an upgrade.


Do you want to continue? (y/n)


More options for these commands are below:


execute federated-upgrade
cancel     <----- Cancel the currently configured upgrade.
initialize    <----- Set up a federated upgrade.
quick-fortigate-upgrade     <----- Set up a 15-minute immediate mode upgrade for all FortiGates in the CSF tree.
quick-full-upgrade  <----- Set up a 15-minute immediate mode upgrade for all CSF devices.
restart    <----- Restart the currently configured federated upgrade.
status     <----- Show the current status of the federated upgrade.


More details about Fabric Upgrade on:

Upgrading all device firmware by following the upgrade path (federated update)

 

Note: 

Starting with v7.4.8 and v7.6.4, a new behavior has been introduced on unlicensed or end-of-support FortiGate devices. See this document: Automatic firmware upgrades for FortiGate appliances with invalid support contracts or that have rea...

For example, if the device has an expired support contract or EOL firmware, this will force devices to upgrade to the latest patch.

This upgrade cannot be called; it can only be postponed for 7 days, and this can be done unlimited.

 

execute auto-upgrade delay-installation

 

For example, if the FortiGate has an expired support contract and is running v7.6.4, but the latest FortiOS from branch v7.6 is v7.6.8, the FortiOS will follow strictly the recommended upgrade path.


Related articles: 
Technical Tip: How to confirm an upgrade was done by federated-upgrade feature - Fortinet Community

Troubleshooting Tip: Fabric management loading forever after trying to upgrade
Technical Tip: Firmware upgrade for FortiOS firmware 7.2 and later via the upgrade path (federated u...

Technical Tip: Disable auto-upgrade for unlicensed FortiGates 
6631
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.