FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article describes why, in some cases, an automatic upgrade (via the GUI) fails because of too many factors like FortiGate being unable to connect to the FortiGuard server, or a delay in connecting to the server to complete the firmware download and upgrade.
Scope
FortiGate.
Solution
In the event that the message 'Image upgrade failed' appears, attempt the following workarounds to avoid this error on the next upgrade.
Use another browser, clear Cache and Cookies, or use an incognito Window to log in to FortiGate GUI and then, try to perform the automatic upgrade (online).
If the above step did not help, manually download and install the firmware from the support portal. Manually upgrade the FortiGate by using System -> Firmware- > Upload Firmware -> Browse and using the file obtained in this step.
If there are 2 FortiGates in the HA cluster, make sure to upgrade the secondary FortiGate via the primary FortiGate. Do not update the secondary FortiGate directly while it is in the HA cluster.
If these steps do not work, open a TAC case for further troubleshooting, analysis, and resolution.
Also, provide the output of the below debug from both units if the device is in the HA cluster while reproducing the issue:
