Created on 05-13-2005 12:00 AM Edited on 09-28-2023 07:45 AM By Stephen_G
Description
This article describes how to upgrade FortiGate firmware. FortiGate administrators whose access profiles contain system configuration read and write privileges and the FortiGate admin user can change the FortiGate firmware.
Download the most recent firmware build from the Fortinet Technical Support web site at http://support.fortinet.com/.
Scope
FortiGate.
Solution
Before upgrading.
It is important to read the release notes which are as well available from the Fortinet Customer Service & Support site (https://support.fortinet.com/) at the same location from where the firmware image was downloaded. After downloading, review the special notices, upgrade information, product integration and support, resolved issue, known issues and limitations
Also, check the upgrade path tool for a correct upgrade path.
Under 'select product' on the firmware download page, make sure to pick the correct product and version, then select the destination version and then select 'go'. Failure to follow a valid upgrade path will cause issues.
To upgrade the firmware using the web-based manager.
Note: Always upgrade the firmware from a local copy. Never perform firmware upgrade over the Internet.
5.2.x & 5.4.x versions
To upgrade the firmware
The FortiGate unit uploads the firmware image file, upgrades to the new firmware version, restarts, and displays the FortiGate login. This process takes a few minutes.
5.6.x, 6.0.x & 6.2.x Versions.
7.0.x, Versions.
7.2.x and 7.4.x Versions:
Upgrading the firmware through the CLI.
Before starting, ensure a TFTP server is running and accessible to the FortiGate unit.
Copy the new firmware image file to the root directory of the TFTP server.
Log into the CLI.
Make sure the FortiGate unit can connect to the TFTP server.
Use the following command to ping the computer running the TFTP server. For example, if the IP address of the TFTP server is 192.168.1.168:
execute ping 192.168.1.168
Enter the following command to copy the firmware image from the TFTP server to the FortiGate unit:
execute restore image tftp <filename> <tftp_ipv4>
The FortiGate unit responds with the message:
This operation will replace the current firmware version!
Do you want to continue? (y/n)
Type y. The FortiGate unit will upload the firmware image file, upgrade to the new firmware version, and restart. This process takes a few minutes.
Reconnect to the CLI.
Updating the firmware on FortiGate.
1.
Browse to support.fortinet.com and log in.
Go to Downloads -> Firmware Images -> Fortigate -> Vr _ -> MR_ -> Patch _ and view the list for the image file matching the device model.
Backup the Fortigate Config by going to the menu tabs on the left of the interface window.
Upgrading From the Details window.
Load the firmware and reboot by going to the menu tabs on the left of the interface window. Go to System > Dashboard > Status > System Information > Firmware Version > Details.
The Fortigate will reboot.
Upload and Boot to Firmware at a later time or Boot to Previous Firmware.
In the CLI, use the following commands:
diag sys flash list
(Lists partitions and checks if they are active.)
execute set-next-reboot <primary|secondary>
(Indicates what partition to boot from next time the device reboots. Partition#1 = primary, Partition 2 = Secondary).
execute reboot
(Will cause the fortigate to reboot.)
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.