Description
This article describes that the GUI supports the prevention of major and minor version firmware upgrades if the FortiGate has an expired support contract.
FortiGates with expired support contracts cannot upgrade the firmware to a higher major or minor version. However, the FortiGate can still be upgraded to a higher patch build, such as FortiOS 7.4.1 to 7.4.3, to allow for security updates.
Scope
FortiGate 7.4.
Solution
The status of the FortiGate support contract can be viewed in the Licenses widget from Dashboard -> Status.
- OS Upgrade 7.4.1 to 7.6.0 :
FortiGuard upgrades will be unavailable until the support contract is renewed.
- OS Upgrade 7.4.1 to 7.4.3:
The FortiGate firmware can be upgraded to a higher patch build to allow for necessary security updates.
In the following example, a firmware image file is uploaded in an attempt to upgrade from 7.4.1 to 7.4.3. Since it is a patch release, the file is accepted and the upgrade can proceed.
- OS Downgrade 7.4.1 to 7.2.4 :
The FortiGate firmware can be downgraded to lower major and minor versions.
In the following example, a firmware image file is uploaded in an attempt to downgrade from 7.4.1 to 7.2.4. Since the firmware is for a lower version, the firmware is accepted and the downgrade can proceed.
Related documents:
Prevent firmware upgrades when the support contract is expired using the GUI 7.4.1
