Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
jiyong
Staff
Staff

Created on ‎09-07-2023 10:42 PM Edited on ‎05-29-2025 04:00 AM By Staff

Article Id 272742

Technical Tip: Supports preventing major and minor version firmware upgrades when support contract expires

Description

 

This article describes that the GUI supports the prevention of major and minor version firmware upgrades if the FortiGate has an expired support contract.

 

FortiGates with expired support contracts cannot upgrade the firmware to a higher major or minor version. However, the FortiGate can still be upgraded to a higher patch build, such as FortiOS 7.4.1 to 7.4.3, to allow for security updates.

 

Scope

 

FortiGate v7.4.0, v7.4.1

 

Solution

 

The status of the FortiGate support contract can be viewed in the Licenses widget from Dashboard -> Status.

 

dashboard-1.PNG

 

  1.  OS Upgrade 7.4.1 to 7.6.0: FortiGuard upgrades will be unavailable until the support contract is renewed.

 

7.6.0.PNG

 

  1. OS Upgrade 7.4.1 to 7.4.3: The FortiGate firmware can be upgraded to a higher patch build to allow for necessary security updates. In the following example, a firmware image file is uploaded in an attempt to upgrade from 7.4.1 to 7.4.3. Since it is a patch release, the file is accepted and the upgrade can proceed.

 

7.4.3.PNG

 

  1. OS Downgrade v7.4.1 to v7.2.4 : The FortiGate firmware can be downgraded to lower major and minor versions. In the following example, a firmware image file is uploaded in an attempt to downgrade from 7.4.1 to 7.2.4. Since the firmware is for a lower version, the firmware is accepted and the downgrade can proceed.

 

7.2.4.PNG

 

This behavior has been further improved on version 7.4.2. The FortiGate firmware license enforcement will now base on the expiry date of the FortiGate firmware license as compared to the release date of the first GA release of a major version. Firmware upgrades between major or minor versions on FortiGate with an expired support contract will not be allowed if the firmware license expired prior to the first GA major release date.

 

To give an example, the license for firmware upgrades on the FortiGate has expired last 2022/09/02 while the 7.4.0 GA was released 2023/05/11. When attempting to upgrade from 7.4.5 to 7.4.6, though only a minor upgrade, will not be allowed until the support contract is renewed.

 

Related documents:

Prevent firmware upgrade depending on the current firmware license's expiration date 7.4.2

Prevent firmware upgrades when the support contract is expired using the GUI 7.4.1

Prevent FortiGates with an expired support contract from upgrading to a major or minor firmware rele...

Labels:
3063
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.