Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
smstoyanov
New Contributor

Fortigate images

Hello team ,

im not so aware with fortigate upgrade/downgrade process.

The second part of my cluster got down because the image got crashed and i proceed with installation of another image.The previous version was 5.2.4 buld0688 - now is 5.4.2 build 1100 and my environment now use the Active node from the cluster

which is 5.2.4 build068.

The only thing  that i want to do is to downgrade the crashed fortigate  to 5.2.4 build0688 version but my roaming over internet doesnt take effect because cant find this version and build.

Does somebody can navigate me how i can take one of this images.

 

Version: FortiGate-90D v5.2.4,build0688,150722 (GA)

 

 

1 Solution
Chris
Contributor

I hope you know that there exitst upgrade paths?

You cannot jump from one Version to another.

If you read the part "Upgrading to FortiOs 5.4.2" in the Release Notes

you will see that you must have 5.2.8 or later to upgrade to 5.4.2

 

In your case you must upgrade from 5.2.4 to 5.2.6 then 5.2.8 and final to 5.4.2

 

The 5.2.4 0688 Release should be available through the Service Portal.

When you logged in and go to Downlad images you should see them.

 

View solution in original post

5 REPLIES 5
Chris
Contributor

I hope you know that there exitst upgrade paths?

You cannot jump from one Version to another.

If you read the part "Upgrading to FortiOs 5.4.2" in the Release Notes

you will see that you must have 5.2.8 or later to upgrade to 5.4.2

 

In your case you must upgrade from 5.2.4 to 5.2.6 then 5.2.8 and final to 5.4.2

 

The 5.2.4 0688 Release should be available through the Service Portal.

When you logged in and go to Downlad images you should see them.

 

smstoyanov

Hello Chris,

the issue is that I already upgrade the affected node to 5.4.2 build 1100 and want to rollback to 5.2.4 build0688.

Of course, i didn't follow this step and met these issues.

And the cherry on the cake is that m organization don't have support service which directly restricts me to download images from the FortiGate portal.

Chris

The upgrade path is designed to have a valid config so that the device will work. On every update the config will be modified if necessary. In your case the only way is to reset the device to the factory settings by formatting the device. This can be done via console (TFTP) or the FortiExplorer if it is supported. Then you have the corresponding config for this firmware release.

This should give you a working device and it's just like using the upgrade path.

The only difference is that you have to reconfigure it.

 

ede_pfau
Esteemed Contributor III

Actually, without support contract and access to the firmware images you can't do much; neither downgrade nor upgrade. There is no way to 'extract' the image file from a running FGT.

 

Downgrading will most probably cost you the config but that's not so bad. Do a 'factoryreset', then set a few HA parameters and connect to the master unit. The slave unit will be synch'ed then.


Ede

"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
emnoc
Esteemed Contributor III

Yeap without a support contract your access is limited. Extract a image from a working FGT is not exactly easy.

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
Labels
Top Kudoed Authors