In affected firmware versions and platforms, the upgrade path matrix cannot be downloaded as it is too large for the assigned buffer. This causes supported upgrades to incorrectly show no valid upgrade path.

Example upgrading FortiOS v7.4.8 to FortiOS v7.4.9:

Attempting to upgrade a VM from FortiOS v7.4.8 to v7.4.9 shows the following error in the GUI  'No valid upgrade path from FortiOS v7.4.8 build2795 to FortiOS v7.4.9 build2829'.

However, v7.4.8 to v7.4.9 is a supported upgrade step for this platform.

Diagnostics:

The image list shows that v7.4.9 has available firmware images to upgrade.

diagnose fdsm image-list | grep v7.4
07004000FIMG0012004009 v7.4 MR4-GA-M P9 b2829 (upgrade)
07004000FIMG0012004007 v7.4 MR4-GA-M P7 b2731 (downgrade)
07004000FIMG0012004006 v7.4 MR4-GA-M P6 b2726 (downgrade)
07004000FIMG0012004005 v7.4 MR4-GA-M P5 b2702 (downgrade)

...

However, the image-upgrade-matrix showing supported upgrade paths is blank.

diagnose fdsm image-upgrade-matrix
Result=Error.

Resolution:
The issue has been acknowledged and is resolved in v7.6.5. The fix is scheduled for v7.4.10 and v8.0.0 build0097. Once upgraded to one of these versions, FortiGate can download the image upgrade matrix, and the false positive upgrade path warning no longer occurs.

This issue only affects platforms with a large number of historical firmware versions (ie, FortiGate VMs).

Workaround:

1. Verify the upgrade path manually using the Upgrade Path Tool Table or the support site, see the article Technical Tip: How to verify FortiGate Upgrade path to upgrade the FortiGate to a higher Firmware Ve....
   
   
2. Upgrade each step in the upgrade path manually using one of the following methods:
   
   • Manual image upload from the GUI, following this KB article Technical Tip: Manual firmware upgrade by referring to an upgrade path
   • Manual image upload from CLI using TFTP/FTP/management station: Technical Tip: Restore image using an FTP server and from an URL and Technical Tip: Firmware Upgrade/Downgrade via Built-in FortiGate Management Station
     

Example upgrading FortiOS v7.4.8 to v7.4.9 using management-station:

diagnose fdsm image-list | grep v7.4
07004000FIMG0012004009 v7.4 MR4-GA-M P9 b2829 (upgrade)
07004000FIMG0012004007 v7.4 MR4-GA-M P7 b2731 (downgrade)
07004000FIMG0012004006 v7.4 MR4-GA-M P6 b2726 (downgrade)
07004000FIMG0012004005 v7.4 MR4-GA-M P5 b2702 (downgrade)

...

execute restore image management-station 07004000FIMG0012004009

####################################################################################################
This operation will replace the current firmware version!
Do you want to continue? (y/n)y

Verifying the signature of the firmware image.
Image verification OK!
Warning: Installing image v7.4.9 from v7.4.8 may result in loss of configuration. Do you want to proceed?
Do you want to continue? (y/n)y

Warning: Upgrading to an image with Mature maturity notation.