I am looking for some tips or advice on performing firmware upgrades through FortiManager.
This tool, https://docs.fortinet.com/compatibility-tool/fortimanager has been helpful but I want to make sure I understand what's its telling me. When it refers to fortiOS family, is that for all devices in direct relation to Fortimanager?
Because there seems to be a second layer of compatibility between when its going from the FortiGate to a FortiSwitch. https://docs.fortinet.com/document/fortiswitch/7.4.2/fortilink-compatibility
I just want to make sure the firmware I upgrade some of these devices to doesn't exceed what's supported by our FMG or directly connected devices.
Any clarification or information on this process is appreciated. Also I am fairly new to Fortigate products so be gentle.
Solved! Go to Solution.
When upgrading firmware in a Fortinet Security Fabric as such, please refer here to see which devices in the fabric should be upgraded first: https://docs.fortinet.com/document/fortigate/7.4.3/fortios-release-notes/936594/fortinet-security-fa.... Fortiswitch and FortiAP can be upgraded after the Fortigate.
Kindly refer here for the compatibility matrix between Fortigate firmware (FortiOS) and FortiAP: https://docs.fortinet.com/document/fortiap/7.4.0/fortiap-and-fortios-compatibility-matrix/495193/for... Highest firmware version for FortiAP is dependent on the FortiAP model.
Yes you are right, FMG's compatibility matrix is only concerned with Fortigate's firmware version. As long as FMG and FGT's firmware are compatible as per the compatibility matrix, it's fine. FGT is the wireless/switch controller for fortiswitch and fortiap. Firmware upgrade for those devices can be done through FGT or FMG.
https://docs.fortinet.com/compatibility-tool/fortimanager When FortiOS is mentioned, it refers to FortiGate firmware version.
https://docs.fortinet.com/document/fortiswitch/7.4.2/fortilink-compatibility For this, this is the firmware version compatibility matrix between Fortigate OS (FortiOS) with FortiSwitch firmware version.
So then the fortimanager compatibility matrix isn't concerned about the OS of any device beyond the Fortigate?
My goal is to find the highest supported OS for each, Fortigate, FortiSwitch, FortiAP that's in our Fortimanager which is at version 7.2.4
As I understand it, I can only update the OS of our Fortigate's to 7.2.7 based on the compatibility tool
The switches can go up to 7.4.2 based on the Fortilink compatibility matrix
The APs up to 7.4.2 to match the switch version.
Am I mistaken?
When upgrading firmware in a Fortinet Security Fabric as such, please refer here to see which devices in the fabric should be upgraded first: https://docs.fortinet.com/document/fortigate/7.4.3/fortios-release-notes/936594/fortinet-security-fa.... Fortiswitch and FortiAP can be upgraded after the Fortigate.
Kindly refer here for the compatibility matrix between Fortigate firmware (FortiOS) and FortiAP: https://docs.fortinet.com/document/fortiap/7.4.0/fortiap-and-fortios-compatibility-matrix/495193/for... Highest firmware version for FortiAP is dependent on the FortiAP model.
Yes you are right, FMG's compatibility matrix is only concerned with Fortigate's firmware version. As long as FMG and FGT's firmware are compatible as per the compatibility matrix, it's fine. FGT is the wireless/switch controller for fortiswitch and fortiap. Firmware upgrade for those devices can be done through FGT or FMG.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.