Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Seis
New Contributor

Created on ‎07-31-2025 05:46 AM

Fortigate firmware upgrade via Fortimanager Script

I need to upgrade a group of not licenced fortigates, I tried to run a script that execute a restore image tftp but after downloading and validate the image from the tftp server the script stops with errors and doesnt do anything.

 

script.png

progress error.png

scriptlog.png

I would like to know if this upgrade process is posible and if there are alternatives to do this upgrade on not licenced fortigates. Maybe a script on an external server that execute a ssh on every fortigate.

 

Thanks!

Labels:
288
0 Kudos
1 Solution
Seis
New Contributor

Created on ‎08-07-2025 10:23 AM

I found a way to do the upgrade. Executing the image restore from FortiManager cause an error or some kind of incompatibility I dont know why. So the solution I found was create an automation with the image restore as the action.

 

config system automation-trigger
edit "upgrade"
set trigger-type scheduled
set trigger-frequency once
set trigger-datetime 2025-08-06 00:00:00
next
end

config system automation-action
edit "cmd"
set action-type cli-script
set script "execute restore image tftp <image> <IP>"
set accprofile "super_admin"
next
end


config system automation-stitch
edit "upgrade"
set trigger "upgrade"
config actions
edit 1
set action "cmd"
set required enable
next
end
next
end

Thanks to all!

View solution in original post

177
6 REPLIES 6
Jean-Philippe_P
Moderator
Moderator

Created on ‎08-03-2025 01:46 PM

Hello Seis, 

 

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible. 

 

Thanks, 

Regards,

Jean-Philippe - Fortinet Community Team
255
0 Kudos
Jean-Philippe_P
Moderator
Moderator

Created on ‎08-04-2025 11:17 PM

Hello,

 

We are still looking for an answer to your question.

 

We will come back to you ASAP.

 

Thanks,

Regards,

Jean-Philippe - Fortinet Community Team
234
0 Kudos
filiaks1
Contributor II

Created on ‎08-04-2025 11:59 PM

Probably you need a license also this seems why you have selected the forum and not opened a support case as Support will not help with unlicensed fortigates and that is normal.

226
Jean-Philippe_P
Moderator
Moderator

Created on ‎08-07-2025 12:35 AM

Hello again, Seis,

 

I found this solution. Can you tell me if it helps, please?

 

Upgrading non-licensed FortiGate devices using a script can be challenging due to the limitations in support and features available for non-licensed units. However, you can attempt the following steps to upgrade these devices:

 

  1. Ensure TFTP Server is Running: Make sure your TFTP server is operational and the firmware image is in the root directory.

  2. Verify Connectivity: Use the `execute ping <tftp_ipv4>` command to ensure each FortiGate can connect to the TFTP server.

  3. Script Execution:
    - If the script stops after downloading and validating the image, check for any error messages that might indicate the issue.
    - Ensure the script includes the necessary commands to confirm the upgrade process, such as responding to prompts with 'y' for confirmation.

  4. SSH Script Execution:
    - You can use an external server to execute an SSH script that logs into each FortiGate device and runs the upgrade commands.
    - Ensure the script handles interactive prompts and errors gracefully.

  5. Manual Upgrade: If scripting continues to fail, consider manually upgrading each device using the CLI method described in the context.

  6. Check for Errors: Review any error messages or logs to identify specific issues that may be causing the script to fail.

 

If these steps do not resolve the issue, you may need to consult with Fortinet support for further assistance, especially if the problem persists across multiple devices.

Regards,

Jean-Philippe - Fortinet Community Team
198
Seis
New Contributor

Created on ‎08-07-2025 10:23 AM

I found a way to do the upgrade. Executing the image restore from FortiManager cause an error or some kind of incompatibility I dont know why. So the solution I found was create an automation with the image restore as the action.

 

config system automation-trigger
edit "upgrade"
set trigger-type scheduled
set trigger-frequency once
set trigger-datetime 2025-08-06 00:00:00
next
end

config system automation-action
edit "cmd"
set action-type cli-script
set script "execute restore image tftp <image> <IP>"
set accprofile "super_admin"
next
end


config system automation-stitch
edit "upgrade"
set trigger "upgrade"
config actions
edit 1
set action "cmd"
set required enable
next
end
next
end

Thanks to all!

178
Jean-Philippe_P
Moderator
Moderator
In response to Seis

Created on ‎08-07-2025 09:59 PM

Hello Seis!

 

Super and well done! Thanks for sharing the solution to everybody :)

 

Regards

Regards,

Jean-Philippe - Fortinet Community Team
150
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.