Created on 05-13-2005 12:00 AM Edited on 04-07-2024 03:52 PM By Stephen_G
Description
This article describes how to upgrade FortiGate firmware. FortiGate administrators whose access profiles contain system configuration read and write privileges and the FortiGate admin user can change the FortiGate firmware.
Download the most recent firmware build from the Fortinet Technical Support web site at http://support.fortinet.com/.
Scope
FortiGate.
Solution
Before upgrading.
It is important to read the release notes which are as well available from the Fortinet Customer Service & Support site (https://support.fortinet.com/) at the same location from where the firmware image was downloaded. After downloading, review the special notices, upgrade information, product integration and support, resolved issue, known issues and limitations
Also, check the upgrade path tool for a correct upgrade path.
Under 'select product' on the firmware download page, make sure to pick the correct product and version, then select the destination version and then select 'go'. Failure to follow a valid upgrade path will cause issues.
To upgrade the firmware using the web-based manager.
Note: Always upgrade the firmware from a local copy. Never perform firmware upgrade over the Internet. It is recommended to upgrade the firmware locally with a physical console cable available if required for any troubleshooting.
5.2.x & 5.4.x versions
To upgrade the firmware
The FortiGate unit uploads the firmware image file, upgrades to the new firmware version, restarts, and displays the FortiGate login. This process takes a few minutes.
5.6.x, 6.0.x & 6.2.x Versions.
7.0.x, Versions.
7.2.x and 7.4.x Versions:
Upgrading the firmware through the CLI.
Before starting, ensure a TFTP server is running and accessible to the FortiGate unit.
Copy the new firmware image file to the root directory of the TFTP server.
Log into the CLI.
Make sure the FortiGate unit can connect to the TFTP server.
Use the following command to ping the computer running the TFTP server. For example, if the IP address of the TFTP server is 192.168.1.168:
execute ping 192.168.1.168
Enter the following command to copy the firmware image from the TFTP server to the FortiGate unit:
execute restore image tftp <filename> <tftp_ipv4>
The FortiGate unit responds with the message:
This operation will replace the current firmware version!
Do you want to continue? (y/n)
Type y. The FortiGate unit will upload the firmware image file, upgrade to the new firmware version, and restart. This process takes a few minutes.
Reconnect to the CLI.
Updating the firmware on FortiGate.
Upgrading From the Details window.
Load the firmware and reboot by going to the menu tabs on the left of the interface window. Go to System -> Dashboard -> Status -> System Information -> Firmware Version -> Details.
The FortiGate will reboot.
Upload and Boot to Firmware at a later time or Boot to Previous Firmware.
In the CLI, use the following commands.
To list partitions and check if they are active:
diag sys flash list
To indicate what partition to boot from the next time the device reboots (Partition 1 is the primary and Partition 2 is the secondary):
execute set-next-reboot <primary|secondary>
To reboot the FortiGate:
execute reboot
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.