Our firewall (FortiGate-500E v7.0.14, build0601) is currently experiencing issues with upgrading to newer firmware versions. There are two options available: versions 7.2.7 and 7.2.8. However, the release notes for version 7.2.7 indicate a bug affecting IPsec tunnels, while version 7.2.8 has a known issue with routing and SD-WAN
How should I determine the most suitable version for the upgrade?
known issues: 7.2.7 -->> https://docs.fortinet.com/document/fortigate/7.2.7/fortios-release-notes/236526/known-issues
known issues: 7.2.8 --> https://docs.fortinet.com/document/fortigate/7.2.8/fortios-release-notes/236526/known-issues
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Yes, you are good to follow the upgrade path tool, please refer to the follow article for details:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Manual-firmware-upgrade-by-referring-to-an...
In order to view if a firmware version is Mature or a Feature, you can use the above article to login to Fortinet support site, follow the instructions where it walks you through to the download page.
You can see "FFW_2600F-v7.2.9.M-build1688-FORTINET.out" for 7.2.9 version where M refers to mature version and "FFW_2600F-v7.4.4.F-build2662-FORTINET.out" for 7.4.4 version where "v7.4.4.F" F refers to Feature.
Please see the attached screenshots for a reference.
Created on 10-30-2024 08:29 AM Edited on 10-30-2024 08:30 AM
I think @Umer221 meant to show "FGT_500E-..."
But I strongly recommend you go up to 7.2.9 or 7.2.10 due to some vulnerabilities in those 7.2.7 and 7.2.8. See the release notes of 7.2.9, at the bottom of "Resolved Issues" section.
Toshi
Agreed. IPMI/iDrac/iLo present with vulnerabilities like any software. For those concerned about firmware updates breaking servers, or otherwise causing undesirable behavior, I suggest you ensure you have a test machine in the lab https://100001.onl/ .
When upgrading from version 7.0.14 to later versions, be sure not to skip version 7.0.15. Although the upgrade path tool may not indicate 7.0.15 as a required step, you should consult this article for further guidance: Technical Tip - Boot failure after upgrading to v7.0.15.
Therefore, please ensure you upgrade to 7.0.15 before proceeding to subsequent versions.
Additionally, it’s recommended to test upgrades in your lab environment first, as this issue may not occur on all devices. It can vary depending on the specific topology and device type in use.
@Umer221If my interpretation of the KB is correct, the version you shouldn't skip is not 7.0.15 but it's 7.0.14. Am I reading it wrong?
Toshi
Thank you for catching this. Correct it is 7.0.14 version not suppose to be skipped, so it does not apply in this case.
We've learned this in a hard way and had to reload 7.0.14 from TFTP server for multiple devices. I wished we knew this much earlier. Thank you for the link, @Umer221
Toshi
so that means am good to follow the upgrade path tool,
and may i know if there's a firmware version that tagged as mature from fortinet i mean if version 7.2.9 is mature or not
for example https://www.reddit.com/media?url=https%3A%2F%2Fpreview.redd.it%2F7-2-7-is-mature-v0-erj2xj1yschc1.pn...
Yes, you are good to follow the upgrade path tool, please refer to the follow article for details:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Manual-firmware-upgrade-by-referring-to-an...
In order to view if a firmware version is Mature or a Feature, you can use the above article to login to Fortinet support site, follow the instructions where it walks you through to the download page.
You can see "FFW_2600F-v7.2.9.M-build1688-FORTINET.out" for 7.2.9 version where M refers to mature version and "FFW_2600F-v7.4.4.F-build2662-FORTINET.out" for 7.4.4 version where "v7.4.4.F" F refers to Feature.
Please see the attached screenshots for a reference.
Created on 10-30-2024 08:29 AM Edited on 10-30-2024 08:30 AM
I think @Umer221 meant to show "FGT_500E-..."
But I strongly recommend you go up to 7.2.9 or 7.2.10 due to some vulnerabilities in those 7.2.7 and 7.2.8. See the release notes of 7.2.9, at the bottom of "Resolved Issues" section.
Toshi
Thank you very much bro
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1640 | |
1069 | |
751 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.