When troubleshooting 3G4G Modem for WWAN or SIM card issues, it is often necessary to upgrade the modem of LTE or specific ISP vendor compatible firmware for example Telstra in Australia. See the Administration Guide for the upgrade to find other firmware upgrade procedures. To upgrade with management-station, see Technical Tip: How to upgrade LTE(3G/4G) modem firmware with a management station service.

Verify the Parts from FortiGate with the command below. The parts will be for user EM75XX:

diagnose sys lte-mode modem-detail

Download the firmware from this Sierra Wireless page.

Once the above download link is available, there will be 2 different modes that can be found, which will be listed with the above command 'Manufacturer' Parts. In this example, it is necessary to scroll down to the second part which is 7565. See the below screenshot.

FortiGate uses 'Linux Binaries', and 'Generic' Firmware and will be compatible with most of the ISP.

Most FortiGate with LTE modem built-in with the version below, which can be found with the command 'diagnose sys lte-mode modem-details'.

In Revision Part:

In this example, the Firmware version will be SWI9X50C_01.08.04.00, and the latest firmware available from the above download link will be SWI9X50C_01.14.13.00 for the Linux version.

Select the download button for Linux Binaries and once down, extract the packet to the computer that has access to FortiGate.

After extracting the downloaded packet, there are two files as shown below in the screenshot:

Access FortiGate via GUI. The upgrade can be done from Network-> System -> Interface, 'Double-click' the WWAN interface, at the right-hand side, select the upgrade button:

After selecting the Upgrade button, two files are required:

1. Firmware File'.
2. PRI file: select 'Browse' and navigate to the local computer, Firmware File extension will be 'cwe'. See below:

'Double-click' this file, 'browse' the second PRI file. At same extracted folders, it will be possible to find the extension 'nvu' file.

'Double-click':

Select 'Upgrade' at the bottom:

The upgrade will be started by itself. This upgrade will not cause a firewall reboot. However, it is recommended to do this action in the proper maintenance window for any unexpected behavior to roll back.

Note: FortiGate devices include different modem firmware packages depending on the carrier (e.g., AT&T, US Cellular, TELUS, etc.).

To upgrade the modem firmware of a carrier that is not currently in use, download the modem firmware file from the Sierra Wireless website linked above and then manually upload the firmware to the FortiGate. This process updates only the selected carrier’s modem firmware version without impacting other carrier firmware versions.

Example:
If AT&T is the active carrier on the device but the FortiGate may also roam onto US Cellular, and the requirement is to update the US Cellular modem firmware, download the latest US Cellular firmware package and manually upload it to the FortiGate. This will update only the US Cellular modem firmware, while the AT&T and other carrier firmware versions remain unchanged.

The modem firmware can also be upgraded through FortiGuard. When upgrading via FortiGuard, only the currently active carrier’s modem firmware is updated. Other carrier firmware versions on the device remain unchanged.

Related document: Upgrade LTE modem firmware directly from FortiGuard - FortiGate 7.6.3 administration guide.

If any specific firmware is required from the ISP site for example Telstra, try to download the specific version. For example: Telstra specific drive - Sierra Wireless.

This process can also be executed via CLI running the following commands:

execute lte-modem get-modem-firmware ftp filename.cwe 1.2.3.4:21 ftp_user ftp_password
execute lte-modem get-pri-firmware ftp filename.nvu 1.2.3.4:21 ftp_user ftp_password
execute lte-modem start-upgrade

Note:

This is necessary for v7.0 and below.