FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
btey
Staff
Staff
Article Id 290984
Description

This article describes how to roll back to a previous firmware version after following a multiple upgrade path.

A downgrade from the flash partition can load the previous configuration. (It does not include the configuration made after the firmware upgrade.)

This article demonstrates an example of a firmware upgrade from version 6.4.16 to 7.2.6 and follows the upgrade path below:

6.4.16 B2093 -> 7.0.13 B0566 -> 7.2.6 B1575

 

After, the appliance is reverted to the previous firmware image, from 7.2.6 B1575 to 6.4.16 B2093.

The steps shown in this article show how to prevent the flash partition for 6.4.16 from being overwritten.

Scope FortiGate.
Solution

After upgrading from 6.4.16 B2093 to 7.0.13 B0566, the flash partition will appear as below:

 

The active partition is 7.0.13 and the second partition is the previous version, 6.4.16.

 

7.0.13_flash list.PNG

Before proceeding to upgrade to 7.2.6 B1575, set the active partition to partition 2 (6.4.16 B2093):

* to keep the partition for 6.4.16.

 

set_partition.PNG

Upgrade the firmware from 7.0.13 B0566 to 7.2.6 B1575:

 

upgrade_from7.0_7.2.PNG

 

The flash list after the firmware upgrade to 7.2.6 B1575:

 

7.2.6_flashlsit.PNG

 

To roll back to 6.4.16 B2093 (if required), set the active partition to the secondary partition and reboot the firewall:

 

set_partition_2.PNG
reboot the firewall to rollback.PNG

 

After reboot, the appliance rolls back to 6.4.16 b2093.

 

after_reboot.PNG

 

Note:

This command does not apply to VM models.