Upgrading individual devices
On the System > Fabric Management page, use the Upgrade button to upgrade firmware for an individual device. The upgrade is performed immediately.
When the upgrade requires multiple builds in the upgrade path, you can choose to follow the upgrade path or to upgrade directly from the current version to the selected version.
When you follow the upgrade path, FortiGate automatically completes the upgrades, including any required reboots, by downloading the chosen firmware directly from FortiGuard. In this example, FortiGate automatically upgrades to each firmware in the upgrade path, which is 7.4.2 and then 7.4.3.
When you choose to skip the upgrade path and directly upgrade to a firmware available on FortiGuard, a message is displayed.
If you are moving from a mature to a feature firmware release, a warning displays. See Firmware maturity levels.
To upgrade individual device firmware in the GUI:
- Log into the FortiGate GUI as an administrative user.
- Go to System > Firmware & Registration.
The Firmware Version column displays the version and either (Feature) or (Mature).
- Select the FortiGate, and click Upgrade. The FortiGate Upgrade pane opens, and the following tabs are available:
Latest
Displays the latest, available firmware from FortiGuard.
When FortiGate is running the latest firmware from FortiGuard, the following message is displayed: The firmware is up to date.
All Upgrades
Displays all available firmware from FortiGuard.
When FortiGate is running the latest firmware from FortiGuard, the following message is displayed: No upgrades available.
File Upload
Click the File Upload tab to upload a firmware file that you previously downloaded from the Fortinet Customer Service & Support website.
- Select a firmware version:
- From the Latest or All Upgrades tab, select a firmware version.
- If the selected firmware version spans multiple builds in the upgrade path, choose one of the following options:
Follow upgrade path
Automatically upgrade FortiGate to each firmware in the upgrade path before upgrade to the selected version. Recommended.
Directly update to v<version and build number>
Bypass the upgrade path to immediately upgrade FortiGate to the selected firmware. A warning message is displayed: Upgrading to FortiOS v<version and build number> directly may result in the loss of configuration.
When upgrading from mature firmware to feature firmware, a warning message appears about the maturity level of the selected firmware for the upgrade.
- Click Confirm and Backup Config.
If you are upgrading from a mature to a feature firmware version, the Confirm pane opens with a warning message. Click Confirm to proceed.
A warning displays: Upgrading the firmware will cause the system to reboot. Are you sure you want to continue?
- Click Continue to initiate the upgrade.
The FortiGate unit backs up the current configuration to the management computer, uploads the firmware image file, upgrades to the new firmware version, and restarts. This process takes a few minutes.
To upgrade individual device firmware in the CLI:
- Make sure that the TFTP server is running.
- Copy the new firmware image file to the root directory of the TFTP server.
- Log in to the CLI.
- Ping the TFTP server to ensure that the FortiGate can connect to it:
execute ping <tftp_ipv4>
- Enter the following command to copy the firmware image from the TFTP server to the FortiGate unit:
execute restore image tftp <filename> <tftp_ipv4>
The FortiGate unit responds with the message:
This operation will replace the current firmware version!
Do you want to continue? (y/n)
- Type
y
. The FortiGate unit uploads the firmware image file, verifies the signature of the firmware image, and determines the firmware maturity level.When you are upgrading to a feature firmware image, you are asked to confirm whether to continue with the upgrade.
When you proceed with the upgrade, the upgrade image is installed and FortiGate restarts. This process takes a few minutes.
Please wait... Connect to tftp server 172.16.200.55 ... ############################################################################## Get image from tftp server OK. Verifying the signature of the firmware image. Warning: Upgrading to an image with Feature maturity notation. Image file uploaded is marked as a Feature image, are you sure you want to upgrade? Do you want to continue? (y/n)y Please confirm again. Are you sure you want to upgrade using uploaded file? Do you want to continue? (y/n)y Checking new firmware integrity ... pass Please wait for system to restart. Firmware upgrade in progress ... Done. The system is going down NOW !!
- Reconnect to the CLI.
- Update the antivirus and attack definitions:
execute update-now