Prevent FortiGates with an expired support contract from upgrading to a major or minor firmware release
This information is also available in the FortiOS 7.4 Administration Guide: |
If the FortiGate support contract has expired, you will be unable to upgrade the firmware to a higher major version, such as from FortiOS 6.0 to 7.0, or to a higher minor version, such as from FortiOS 7.0 to 7.2. However, you can upgrade the firmware of a FortiGate with an expired support contract to a higher patch build, such as from FortiOS 7.4.0 to 7.4.1, to allow for security updates.
You can confirm the Firmware & General Updates (FMWR) contract expiry date in the System > FortiGuard page or by using the diagnose test update info contract
command.
Updates in the GUI have been implemented for this new feature in 7.4.1. See Prevent firmware upgrades when the support contract is expired using the GUI 7.4.1 for more information. |
Example
The following example demonstrates what occurs when upgrading the firmware to a patch build and to a higher version with an expired license. The patch upgrade successfully upgrades the firmware from FortiOS 7.4.0 to 7.4.3. The major upgrade attempts and fails to upgrade the firmware from FortiOS 7.4.0 to 7.6.3.
To demonstrate the functionality of this feature, this example uses FortiGates that are running and upgrading to fictitious build numbers. |
To upgrade the firmware to a higher patch build:
-
Confirm the current firmware version:
# get system status Version: FortiGate-301E v7.4.0,build2303,230307 (interim)
-
Upgrade the firmware:
# execute restore image tftp v743-B2400-GA-M_B230309_FGT_301E.out 172.16.200.55 This operation will replace the current firmware version! Do you want to continue? (y/n)y Please wait... Connect to tftp server 172.16.200.55 ... ...... Firmware upgrade in progress ... Done.
-
Confirm the new firmware version:
# get system status Version: FortiGate-301E v7.4.3,build2400,230309 (GA.M)
To upgrade the firmware to a higher major version:
-
Confirm the current firmware version:
# get system status Version: FortiGate-301E v7.4.0,build2303,230307 (interim)
-
Upgrade the firmware:
# execute restore image tftp v763-B1505-GA-F_B234847_FGT_301E.out 172.16.200.55 ...... Firmware update licence is expired! Please update to a valid licence. Command fail. Return code -180