Help
FortiManager
FortiManager supports network operations use cases for centralized management, best practices compliance, and workflow automation to provide better protection against breaches.
FortiZiq
Staff
Staff

Created on ‎04-25-2025 01:12 AM Edited on ‎05-22-2025 11:18 PM By Staff

Article Id 389269

Troubleshooting Tip: FortiManager Firmware Upgrade Template messages showing 'failover to local FMG image'

Description

This article describes how to disable failover to FortiGate firmware image from FortiManager if FortiGate does not have connectivity with FortiGuard.
Scope FortiManager.
Solution

When upgrading FortiGate via FortiManager and FortiGuard is unreachable, the upgrade will fail over to get the FortiGate firmware image from FortiManager.

 

Example:

In the Firmware Template, the option 'Let Device Download Firmware From FortiGuard' has been enabled:

 

let-device-download.png

 

When running the firmware template, the upgrade task shows that the upgrade was performed successfully:

 

upgrade task.png

 

Further drilling down into the Progress Report, the following messages can be seen where the license check failed (i.e., FortiGate is not able to connect to FortiGuard) and that it has failed over to image from FortiManager:

 

progress report.png

 

This can be disabled by configuring the following command in FortiManager:

 

config fmupdate fwm-setting

    set fds-failover-fmg disable

end

 

The command above will disable the failover to image from FortiManager, and the upgrade will simply fail due to timeout:

 

after config.png
345
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2026 Fortinet, Inc. All Rights Reserved.