This article describes how to work around a situation where the FortiGate Cluster upgrade gets stuck and only one member of the cluster has upgraded.

For example:

One member is on v7.2.2 (usually the Active unit) and the other is on v7.2.3 (usually the backup).

Schedule a maintenance window before proceeding and download the FortiOS 7.2.3 image file for the unit affected from the Fortinet support website.

From here, proceed in one of two ways:

Scenario 1: If the Active unit is running v7.2.3, retry the upgrade by using the downloaded FortiOS image.

1. Go to System -> Fabric Management. (or in the new releases, System -> Firmware & Registration).
2. Select the device to upgrade. The 'Upgrade' button will become active.
3. Go to 'File Upload' and import the firmware image for v7.2.3 previously retrieved from the Fortinet support website to upload the same firmware version to both units again.

Scenario 2: If the Active unit is the one still in 7.2.2, either perform a failover or perform the following steps:

1. Downgrade the Backup member that was upgraded: KBlink.
2. After the downgrade, use the 'Upgrade' button instead of 'Fabric Upgrade' to upgrade again. Ensure the upload is started from the primary member.
3. Navigate to Upgrade -> File Upload and select the image from the PC.
4. Confirm and back up the config.

Example upgrading from v7.4.4 to v7.6.0:

If the upload is started on the Passive member, a known issue in v7.2 may occur that invalidates the image.

If it is not possible to downgrade because a VM is being used, try to stop the 'Fabric Upgrade' and proceed directly with the 'Upgrade' button.