Troubleshooting Tip: Unable to upgrade/downgrade firmware due to invalid license status even though FortiGate has a valid license

hbac · ‎04-06-2025

Description

This article describes how to resolve an issue where it is not possible to upgrade/downgrade firmware, and the error message 'Unable to upgrade/downgrade firmware through FortiGuard because of invalid license status' is thrown despite the FortiGate having a valid license.

invalid license.PNG

This issue happens when the FortiGate is in HA and one of the HA members does not have a valid license.

Scope

FortiGate.

Solution

It is required that all HA members have valid licenses. If HA members have different license levels or expiration dates, all HA members will be downgraded to the lowest license.

To resolve this issue, make sure all HA members have valid licenses.

Starting from FortiOS v7.2.9, v7.4.6, v7.6.1 and above, FortiGate supports 'Single FortiGuard license for FortiGate A-P HA cluster'. It is possible to purchase a specific FortiGate SKU which can be applied to both HA members. For more information, see Technical Tip: Additional Info regarding Single FortiGuard license for FortiGate A-P HA cluster feat....

Note:
If both FortiGates in an HA cluster are confirmed to have the same level of licensing but are still getting the same error, force communication to FortiGuard to have licenses re-checked by running the command execute update-now.

Related article:

Technical Tip: The HA Cluster requirements - Fortinet Community

Troubleshooting Tip: Unable to upgrade/downgrade firmware due to invalid license status even though FortiGate has a valid license

You are leaving our website