Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
BlueP
New Contributor II

firmware upgrade

Our firewall (FortiGate-500E v7.0.14, build0601) is currently experiencing issues with upgrading to newer firmware versions. There are two options available: versions 7.2.7 and 7.2.8. However, the release notes for version 7.2.7 indicate a bug affecting IPsec tunnels, while version 7.2.8 has a known issue with routing and SD-WAN

 

How should I determine the most suitable version for the upgrade?

known issues: 7.2.7 -->> https://docs.fortinet.com/document/fortigate/7.2.7/fortios-release-notes/236526/known-issues

 

 

known issues: 7.2.8 --> https://docs.fortinet.com/document/fortigate/7.2.8/fortios-release-notes/236526/known-issues

 

 

 

 

5 REPLIES 5
zoludwo2
Visitor

Agreed. IPMI/iDrac/iLo present with vulnerabilities like any software. For those concerned about firmware updates breaking servers, or otherwise causing undesirable behavior, I suggest you ensure you have a test machine in the lab.

Umer221
Staff
Staff

@BlueP 

 

When upgrading from version 7.0.14 to later versions, be sure not to skip version 7.0.15. Although the upgrade path tool may not indicate 7.0.15 as a required step, you should consult this article for further guidance: Technical Tip - Boot failure after upgrading to v7.0.15.

 

Therefore, please ensure you upgrade to 7.0.15 before proceeding to subsequent versions.

 

Additionally, it’s recommended to test upgrades in your lab environment first, as this issue may not occur on all devices. It can vary depending on the specific topology and device type in use.

 

 

Toshi_Esumi

@Umer221If my interpretation of the KB is correct, the version you shouldn't skip is not 7.0.15 but it's 7.0.14. Am I reading it wrong?

  • The error message 'failed verification on /data/datafs.tar.gz' can occur when upgrading from any version lower than v7.0.14 once skipped the upgrade path and upgraded directly to v7.0.15 or above.
  • Before upgrading, the system must be on the base of v7.0.14.


Toshi

 

Umer221

@Toshi_Esumi 

Thank you for catching this. Correct it is 7.0.14 version not suppose to be skipped, so it does not apply in this case.

Toshi_Esumi

We've learned this in a hard way and had to reload 7.0.14 from TFTP server for multiple devices. I wished we knew this much earlier. Thank you for the link, @Umer221 

Toshi

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors