Fortinet white logo
Fortinet white logo

FortiGate-7000F Administration Guide

Upgrading the firmware on an individual FPM

Upgrading the firmware on an individual FPM

Use the following procedure to upgrade the firmware running on a single FPM from the GUI.

During this procedure, the FPM will not be able to process traffic. However, the other FPMs and the FIMs should continue to operate normally.

Note

To upgrade the firmware running on a single FPM from the CLI, see Installing FPM firmware from the BIOS after a reboot.

  1. Connect to the FPM GUI using the SLBC management IP address and the special management port number for that FPM. For example, for the FPM in slot 3, browse to https://<SLBC-management-ip>:44303.

  2. Start a normal firmware upgrade. For example,

    1. Go to System > Firmware and select Browse to select the firmware file to install.

    2. Follow the prompts to select the firmware file, save the configuration, and upload the firmware file to the FPM.

  3. After the FPM restarts, verify that the new firmware has been installed.

    You can do this from the FPM GUI dashboard or from the FPM CLI using the get system status command.

  4. Use the diagnose sys confsync status | grep in_sy command to verify that the configuration has been synchronized. The field in_sync=1 indicates that the configurations of that FIM or FPM is synchronized.

    FIMs and FPMs that are missing or that show in_sync=0 are not synchronized. To synchronize an FIM or FPM that is not synchronized, log into the CLI of the FIM or FPM and restart it using the execute reboot command. If this does not solve the problem, contact Fortinet Support at https://support.fortinet.com.

    If you enter the diagnose sys confsync status | grep in_sy command before the FPM has completely restarted, it will not appear in the command output. As well, the Configuration Sync Monitor will temporarily show that it is not synchronized.

Upgrading the firmware on an individual FPM

Upgrading the firmware on an individual FPM

Use the following procedure to upgrade the firmware running on a single FPM from the GUI.

During this procedure, the FPM will not be able to process traffic. However, the other FPMs and the FIMs should continue to operate normally.

Note

To upgrade the firmware running on a single FPM from the CLI, see Installing FPM firmware from the BIOS after a reboot.

  1. Connect to the FPM GUI using the SLBC management IP address and the special management port number for that FPM. For example, for the FPM in slot 3, browse to https://<SLBC-management-ip>:44303.

  2. Start a normal firmware upgrade. For example,

    1. Go to System > Firmware and select Browse to select the firmware file to install.

    2. Follow the prompts to select the firmware file, save the configuration, and upload the firmware file to the FPM.

  3. After the FPM restarts, verify that the new firmware has been installed.

    You can do this from the FPM GUI dashboard or from the FPM CLI using the get system status command.

  4. Use the diagnose sys confsync status | grep in_sy command to verify that the configuration has been synchronized. The field in_sync=1 indicates that the configurations of that FIM or FPM is synchronized.

    FIMs and FPMs that are missing or that show in_sync=0 are not synchronized. To synchronize an FIM or FPM that is not synchronized, log into the CLI of the FIM or FPM and restart it using the execute reboot command. If this does not solve the problem, contact Fortinet Support at https://support.fortinet.com.

    If you enter the diagnose sys confsync status | grep in_sy command before the FPM has completely restarted, it will not appear in the command output. As well, the Configuration Sync Monitor will temporarily show that it is not synchronized.