FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
mturic
Staff
Staff
Article Id 190662

Description


This article describes how to install a newer FortiNAC version from the CLI after downloading the image .bin file.

 

Scope

 

Any supported version of FortiNAC.

 

Solution

 

  1. Go to the Fortinet support account, navigate to Support -> Firmware Download and select the FortiNAC product.

    Navigate to the FortiNAC versions folder to download and install the intended version:

 

Stephen_G_0-1692094902078.png

 

 

  1. Download the file to the computer and copy this to the FortiNAC server folder:

/bsc/campusMgrUpdates  

 

It is possible to do this using WinSCP.

 

  1. Log in to the FortiNAC CLI as the root user and execute the following commands in the folder with the .bin file.

cd /bsc/campusMgrUpdates   <- Make this an executable file.
chmod +x <File_Name>.bin   <- Install the file.
#./<File_Name>.bin

 

Failure to upgrade due to unreachable FTP server used for Remote Backup

In some cases, upgrades can fail both through the GUI and the CLI. This may happen in rare cases where the FTP server configured in FortiNAC System -> Settings -> System Management -> Remote Backup Configuration is not reachable. 
In FNAC upgrade logs stored at /bsc/campusMgrUpdates/update_log-YYYY-MM-DD.HH.MM.SS, the following events will be seen:

 

Error: FTP transfer failed from NAC to 192.168.1.10
Connected to 92.168.1.10 (92.168.1.10).
220
421 Service not available, remote server has closed connection
Not connected.
Not connected.


/bsc/campusMgr/../campusMgrUpdates/FNAC_install_9.2.8_build0471.bin: some unexpected error happened during the install.


The machine(s) in this cluster are NOT CURRENTLY IN A VALID STATE.
This problem needs to be fixed before this cluster can be used in
a production environment.


A logfile of this install is stored in
/bsc/campusMgrUpdates/update_log-YYYY-MM-DD.HH.MM.SS . If this problem
persists, please contact Support and provide them with this file.

 

This can be resolved by simply disabling Remote FTP backup in the GUI and proceeding with the upgrade process.
However, in some FortiNAC versions, the administrators may not be able to disable this option due to known issues:

  • 852946 - System Management settings cannot be saved due to error (HTTP 500).
  • 838525 - Configuring the Remote Backup results in a 'HTTP Status 500 – Internal Server' error.

The upgrade in this case will still fail since the changes on the GUI will not take affect.

 

The workaround is to perform the upgrade manually from the CLI by overriding the remote FTP backup configuration as below:

 

cd /bsc/campusMgrUpdates
chmod +x FNAC_install_9.2.8_build0471.bin
./FNAC_install_9.2.8_build0471.bin -o skip_centos_backup

 

Related documentation: