Can not update to FortiOS 7.2.7 on 60F.

earthlab · ‎02-10-2024

Hi all,

I'm using FortiOS 7.2.6 on a FortiGate 60F. The current firmware is v7.2.6 build 1575. However, this version has a critical vulnerability [CWE-787]. You can find more details here: https://fortiguard.fortinet.com/psirt/FG-IR-24-015.

I attempted to upgrade to 7.2.7 through the FortiGate's fabric management page, but the page indicated that my firmware is up to date.

So I disabled SSL-VPN :(

Has anyone successfully upgraded to 7.2.7 on a FortiGate 60F through the fabric management page without having to manually upload the firmware?

Thank you.
Earthlab

SecurityPlus · ‎02-10-2024

I don't find the interface to manually update the firmware on a 70F currently running 7.2.6. The System/Firmware page is not present. The interface to provide the manual update file is not visible. Suggestions?

Also, is it possible to instruct the automatic firmware updates to update NOW? If this is possible and is selected, does it run immediately or is it likely that there would be a delay?

SecurityPlus · ‎02-10-2024

I just noticed that I can click Cancel Fabric Upgrade from the System/Fabric Management page and then continue with the manual update.

fanus · ‎02-14-2024

Also had the same, the automatic update could not be approved or initiated, Cancelled and clicked on upgrade. Worked!

SecurityPlus · ‎02-10-2024

Yes, I just successfully completed a manual update to a 60F (not sure what the build was) and it said it needed the update from 7.2.6 to 7.2.7.

I'm logged into another 60F running 7.2.6 build 1575, but this one does not say that it needs to be updated to 7.2.7. Under the FortiGate Upgrade Select Firmware Latest tab, it says: The firmware is up to date. It only offers updates to 7.4.x. Is there a reason it does not think it needs the 7.2.7 update? Should I use the File Upload option?

funkylicious · ‎02-10-2024

Yes, for all devices that dont detect the latest version from 7.2.X train, do it manually.

"jack of all trades, master of none"

SecurityPlus · ‎02-10-2024

Can anyone tell me what the M means in the following firmware image:

FGR_60F-v7.2.7.M-build1577-FORTINET.out?

I tried to use this image to update a FortiGate 60F (FGT60F) build 1575 from 7.2.6 to 7.2.7. When I provide the image via FortiGate Upgrade/Select Firmware/File Upload, I get a message that says: Image file doesn't match platform. I did check the checksum against the falue provided and it matches.

SecurityPlus · ‎02-10-2024

Self-inflicted error. I should have been using the image that starts FGT_60F not FGR_60F. I presume that the R in FGR means rugged. When I used FGT_60F I encountered no errors.

Toshi_Esumi · ‎02-10-2024

I think M=Maintenance. By the way FGR_ images are for the rugged models. FGT_ images are for the regular FGT models.

Toshi

amuda · ‎02-13-2024

M= Mature

F= Feature

More info here: https://docs.fortinet.com/document/fortigate/7.2.0/new-features/173707/introduce-maturity-firmware-l...

Amerul
APAC TAC

earthlab · ‎02-10-2024

Hi! All,

As you know Fortinet changed the 'auto-firmware-upgrade ' parameter of default. And then, FortiGuard server is not powerful(not enough).

Conclusion: Fortinet have to powerup the FortiGurd infrastracture.

I my 60F's 'auto-firmware-upgrade ' parameter was aggressive like following.
-----------------
config system fortiguard
set auto-firmware-upgrade-day sunday saturday
set auto-firmware-upgrade-delay 0
set auto-firmware-upgrade-start-hour 23
set auto-firmware-upgrade-end-hour 8
set webfilter-cache-ttl 21600
end
-----------------
Despite the 60F still using v7.2.6 now.

And fabric management page still said 'The firmware is up to date.'.

It's very big issue when the patche includes 'Security' and 'Critical' issue(s).

Thank you,
Earthlab

Can not update to FortiOS 7.2.7 on 60F.

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website