Upgrading the firmware on an individual FIM
During the upgrade, the FIM will not be able to process traffic. However, the other FIM and the FPMs should continue to operate normally.
To upgrade the firmware on a individual FIM from the GUI
-
Connect to the FIM GUI using the SLBC management IP address and the special management port number for that FIM. For example, for the FIM in slot 2, browse to https://<SLBC-management-ip>:44302.
-
Start a normal firmware upgrade. For example,
-
Go to System > Firmware and select Browse to select the firmware file to install.
-
Follow the prompts to select the firmware file, save the configuration, and upload the firmware file to the FPM.
-
-
After the FIM restarts, verify that the new firmware has been installed.
You can do this from the FIM GUI dashboard or from the FIM CLI using the
get system status
command. -
Use the
diagnose sys confsync status | grep in_sy
command to verify that the configuration of the FIM has been synchronized. The fieldin_sync=1
indicates that the configurations of that FIM or FPM is synchronized.FIMs and FPMs that are missing or that show
in_sync=0
are not synchronized. To synchronize an FIM or FPM that is not synchronized, log into the CLI of the FIM or FPM and restart it using theexecute reboot
command. If this does not solve the problem, contact Fortinet Support at https://support.fortinet.com.If you enter the
diagnose sys confsync status | grep in_sy
command before the FIM has completely restarted, it will not appear in the command output. As well, the Cluster Status dashboard widget will temporarily show that it is not synchronized.
To upgrade the firmware on a individual FIM from the CLI using TFTP
-
Put a copy of the firmware file on a TFTP server that is accessible from the SLBC management interface.
-
Connect to the FIM CLI by using an SSH client. For example, to connect to the CLI of the FIM in slot 2, connect to <SLBC-management-ip>:2201.
-
Enter the following command to upload the firmware file to the FIM:
execute upload image tftp <firmware-filename> comment <tftp-server-ip-address>
-
After the FIM restarts, verify that the new firmware has been installed.
You can do this from the FIM GUI dashboard or from the FIM CLI using the
get system status
command. -
Use the
diagnose sys confsync status | grep in_sy
command to verify that the configuration of the FIM has been synchronized. The fieldin_sync=1
indicates that the configurations of that FIM or FPM is synchronized.FIMs and FPMs that are missing or that show
in_sync=0
are not synchronized. To synchronize an FIM or FPM that is not synchronized, log into the CLI of the FIM or FPM and restart it using theexecute reboot
command. If this does not solve the problem, contact Fortinet Support at https://support.fortinet.com.If you enter the
diagnose sys confsync status | grep in_sy
command before the FIM has completely restarted, it will not appear in the command output. As well, the Cluster Status dashboard widget will temporarily show that it is not synchronized.