Hello All,
We have a fortigate firewall 601 hardware (Master-Slave) with version : "v6.0.6 build6325 (GA)" , this firewall is integrated with Forti-Manager (VM64) which is on version : "v6.2.3 GA build1235".
As firewall firmware version is quite Old , we are planning to upgrade the same to some LATEST and STABLE version.
FortiGate Firewall is with License : Firmware & General Updates, IPS and Antivirus.
Requesting if anyone can advise stable latest release for firewall (we also have to consider the compatibility of new firewall version with Forti-Mgr version).
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi Friends,
Can anyone suggest here....
Hello,
First of all, you can verify here the compatibility between FortiGate and FortiManager versions:
https://docs.fortinet.com/document/fortimanager/7.0.0/compatibility-with-fortios
Now, to the FortiGate version. I think you have 601E device, so you have option to upgrade up to 7.0 version. Now, when someone is asking which version is the best to upgrade, it always depends on which features you are using. If you want to use ADVPN with SDWAN or SDWAN in general, I would recommend to upgrade 6.2.10 (latest firmware at the moment). But if you are using different features, you want to check release notes and new features doc to see what was implemented, if any bugs were fixed and if any bugs are waiting for fix. Another thing to consider is firmware life cycle. End of support for 6.0 is September 2022.
But, if you are satisfied with 6.0, you can stay on 6.0.14 as it has some vulnerabilities fixed.
Hi akristof,
You mentioned that version 6.0 will going End of Support during Sep-22. Additionally, You also suggesting to stay with 6.0.14 ....Bit confusing...
Anyway, If we decide to go for upgrade on 6.0.14 then can we directly jump from 6.0.6(current version) to 6.0.14 ?
And if we plan to go with 6.2.10 version , What would be the upgrade path.
please help.
Hey jsr,
in a setup with FortiManager and FortiGate, please also be aware that you first need to upgrade FortiManager to a newer version, and then the FortiGate, to retain compatibility between the units during upgrade.
In addition, once you have upgraded the FortiGate, you will need to upgrade the FortiManager ADOM to the new FortiGate version, or move the FortiGate to a different FortiManager ADOM with the correct FortiOS version.
Hi Debbie_FTNT,
If You don't mind, could You please share the overall steps / process to upgrade Master-Slave pair of Fortigate firewall along with Fortimanager process.
Hey jsr,
doing a detailed write-up would probably be too long for this response, but as a rough overview:
1. Upgrade FortiManager
-> determine what target version you need to go to based on compatibility matrix that Adrian shared
-> check FortiManager release notes for upgrade path (includes information from what version you can upgrade, and how)
-> upgrade FortiManager to determined version
2. Upgrade FortiGate as per upgrade path from the tool Adrian linked
-> simply start upgrade process on the primary, cluster will automatically upgrade both units with no extra requirements
-> repeat until you reach the desired firmware
3. ADOM setup on FMG
-> upgrade the ADOM (under System Settings > All ADOMs, right-click on the ADOM FortiGate is in) to the new FortiGate version
or
-> create an ADOM in the new FortiGate version, and move FortiGate there
--> this also requires new policy import to get a package and objects into ADOM database
FortiManager upgrade shouldn't have an impact on FortiGate operations unless you use it for FSSO or similar, but FortiGate upgrade can cause short interruptions as cluster will fail over multiple times during upgrade
Hello,
For upgrade path, you can check it here:
https://docs.fortinet.com/upgrade-tool
Regarding out-of-support, it will be out-of-support with TAC, device will still receive AV,IPS,APP updated.
Created on 02-16-2022 08:39 PM Edited on 02-16-2022 08:44 PM
Hello akristof,
Thanks ! Please suggest the same (path upgrade process) for Forti-Manager version updation as well.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1733 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.