Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Gabana
New Contributor

FortiOS 5.2.2 Upgrade

Hi all :)

 

we have a fortigate with fortiOS 5.2.2 and we need to upgrade it to 5.6.3

i have a question about it :

 

    "can we directly install fortiOS 5.6.3 on it if our firewall has no config ? or we should go through the upgrade path?"

1 Solution
bmekler
New Contributor III

The firewall always has a configuration, even if it's the default one, and this configuration gets converted during upgrades. The conversion scripts that run as part of a software upgrade are built and tested only for a limited number of versions, hence the recommended upgrade paths. Your options are:

1. Follow the recommended path, which is long and annoying - 5.2.3>>5.2.5>>5.2.7>>5.2.9>>5.4.4>>5.6.2>>5.6.3

2. Upgrade directly to 5.6.3, then reset to factory defaults, to load default configuration for 5.6.3

3. Load 5.6.3 in bootloader over TFTP - this will ignore current configuration and load 5.6.3 directly with factory defaults.

 

Personally, I would go with option 4: load 5.4.8 over TFTP. Unless you absolultely require certain features in 5.6.x, staying one branch behind the leading version is generally best for stability. The only environments where I'm currently deploying 5.6.x are sites with FortiAP-221E access points, which require 5.6.x to work.

View solution in original post

1 REPLY 1
bmekler
New Contributor III

The firewall always has a configuration, even if it's the default one, and this configuration gets converted during upgrades. The conversion scripts that run as part of a software upgrade are built and tested only for a limited number of versions, hence the recommended upgrade paths. Your options are:

1. Follow the recommended path, which is long and annoying - 5.2.3>>5.2.5>>5.2.7>>5.2.9>>5.4.4>>5.6.2>>5.6.3

2. Upgrade directly to 5.6.3, then reset to factory defaults, to load default configuration for 5.6.3

3. Load 5.6.3 in bootloader over TFTP - this will ignore current configuration and load 5.6.3 directly with factory defaults.

 

Personally, I would go with option 4: load 5.4.8 over TFTP. Unless you absolultely require certain features in 5.6.x, staying one branch behind the leading version is generally best for stability. The only environments where I'm currently deploying 5.6.x are sites with FortiAP-221E access points, which require 5.6.x to work.

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors