Fortinet black logo

Administration Guide

Home FortiGate / FortiOS 7.4.3 Administration Guide

Upgrading Fabric or managed devices

7.4.3
7.4.3
7.4.2
7.4.1
7.4.0
7.2.8
7.2.7
7.2.6
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.15
7.0.14
7.0.13
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.15
6.4.14
6.4.13
6.4.12
6.4.11
6.4.10
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
Copy Link
Copy Doc ID a36d7fdc-c11e-11ee-8c42-fa163e15d75b:849341
Download PDF

Upgrading Fabric or managed devices

On the System > Fabric Management page, use the Fabric Upgrade button to select a firmware version from FortiGuard for the FortiGate:

  • When FortiGate is part of a Security Fabric, the selected target firmware is for the root FortiGate as well as all Fabric devices.

  • When the device is a non-Security Fabric FortiGate with managed devices, the selected target firmware version is used to automatically upgrade firmware for all managed devices, such as FortiAP and FortiSwitch devices.

Fabric members or managed devices download the chosen firmware directly from FortiGuard.

When the upgrade requires multiple builds in the upgrade path, you can choose to follow the upgrade path or to upgrade directly from the current version to the selected version.

When you follow the upgrade path, FortiGate automatically completes the upgrades for the Security Fabric or for the managed devices, including any required reboots. This coordinated process is sometimes called a federated update. In this example, the devices automatically upgrade to each firmware in the upgrade path, which is 7.0.7, 7.2.3, 7.4.0, 7.4.2, and then 7.4.3.

Note

On managed FortiAP and FortiSwitch devices, the federated upgrade adheres to the respective compatibility matrix information maintained on the FortiGuard Distribution Network (FDN).

When you choose to skip the upgrade path and directly upgrade to the selected firmware, a message is displayed.

A Fabric Upgrade can be performed immediately or during a scheduled time.

If you are moving from a mature to a feature firmware release, a warning displays. See Firmware maturity levels.

The following options are available in execute federated-upgrade <option>:

Option

Description

cancel

Cancel the currently configured upgrade.

initialize

Set up a federated upgrade.

status

Show the current status of a federated upgrade.

restart

Restart the currently configured federated upgrade.
Note

The config system federated-upgrade command is read-only. Attempting to configure federated upgrade using the config command will show the following error message:

Federated upgrade cannot be configured directly.
Please use 'execute federated-upgrade ...' to configure.
To upgrade Fabric or managed devices:

  1. Log in to the FortiGate GUI as an administrative user.

    When you are upgrading the Security Fabric, you must log in to the root FortiGate.

  2. Go to System > Firmware & Registration and click Fabric Upgrade. The Fabric Upgrade pane opens, and the following tabs are available:

    Latest

    Displays the latest, available firmware from FortiGuard.

    All Upgrades

    Displays all available firmware from FortiGuard.

  3. Select a firmware version:

    1. From the Latest or All Upgrades tabs, select a firmware version.
    2. If the selected firmware version spans multiple builds in the upgrade path, choose one of the following options:

      Follow upgrade path

      Automatically upgrade devices to each firmware in the upgrade path before upgrade to the selected version. Recommended.

      Directly update to v<version and build number>

      Bypass the upgrade path to immediately upgrade devices to the selected firmware. A warning message is displayed: Upgrading to FortiOS v<version and build number> directly may result in the loss of configuration.

      When upgrading from mature firmware to feature firmware, a warning message appears about the maturity level of the selected firmware for the upgrade.

    3. Click Next.

      If you are upgrading from a mature to a feature firmware version, the Confirm pane opens with a warning message. Click Confirm to proceed to the Choose Schedule options.

      The Choose Schedule options are displayed.

  4. Choose when to start the upgrade process.

    1. Set Upgrade schedule to Immediate or Custom:

      Immediate

      Select to start the upgrade process immediately.

      Custom

      Select to display the Upgrade date and time options to schedule when to start the upgrade process.

      Note

      In a custom upgrade, the configuration backups are saved when the administrator schedules the upgrade. If the scheduled upgrade occurs after further configuration changes are made, the latest changes will not be saved in a new backup configuration file.

    2. Click Next. The Review pane is displayed.

  5. Review the firmware updates, and click Confirm and Backup Config to initiate the upgrade process.

    The pane enters a loading state to wait for all FortiGate configurations to save. Once completed, the pane closes and the device list refreshes to reflect the latest changes. In this example, the next step is to start the first step in the upgrade path on a schedule.

    The Cancel Fabric Upgrade button is also displayed if you want to cancel the upgrade.

Previous
Next

Upgrading Fabric or managed devices

On the System > Fabric Management page, use the Fabric Upgrade button to select a firmware version from FortiGuard for the FortiGate:

  • When FortiGate is part of a Security Fabric, the selected target firmware is for the root FortiGate as well as all Fabric devices.

  • When the device is a non-Security Fabric FortiGate with managed devices, the selected target firmware version is used to automatically upgrade firmware for all managed devices, such as FortiAP and FortiSwitch devices.

Fabric members or managed devices download the chosen firmware directly from FortiGuard.

When the upgrade requires multiple builds in the upgrade path, you can choose to follow the upgrade path or to upgrade directly from the current version to the selected version.

When you follow the upgrade path, FortiGate automatically completes the upgrades for the Security Fabric or for the managed devices, including any required reboots. This coordinated process is sometimes called a federated update. In this example, the devices automatically upgrade to each firmware in the upgrade path, which is 7.0.7, 7.2.3, 7.4.0, 7.4.2, and then 7.4.3.

Note

On managed FortiAP and FortiSwitch devices, the federated upgrade adheres to the respective compatibility matrix information maintained on the FortiGuard Distribution Network (FDN).

When you choose to skip the upgrade path and directly upgrade to the selected firmware, a message is displayed.

A Fabric Upgrade can be performed immediately or during a scheduled time.

If you are moving from a mature to a feature firmware release, a warning displays. See Firmware maturity levels.

The following options are available in execute federated-upgrade <option>:

Option

Description

cancel

Cancel the currently configured upgrade.

initialize

Set up a federated upgrade.

status

Show the current status of a federated upgrade.

restart

Restart the currently configured federated upgrade.
Note

The config system federated-upgrade command is read-only. Attempting to configure federated upgrade using the config command will show the following error message:

Federated upgrade cannot be configured directly.
Please use 'execute federated-upgrade ...' to configure.
To upgrade Fabric or managed devices:

  1. Log in to the FortiGate GUI as an administrative user.

    When you are upgrading the Security Fabric, you must log in to the root FortiGate.

  2. Go to System > Firmware & Registration and click Fabric Upgrade. The Fabric Upgrade pane opens, and the following tabs are available:

    Latest

    Displays the latest, available firmware from FortiGuard.

    All Upgrades

    Displays all available firmware from FortiGuard.

  3. Select a firmware version:

    1. From the Latest or All Upgrades tabs, select a firmware version.
    2. If the selected firmware version spans multiple builds in the upgrade path, choose one of the following options:

      Follow upgrade path

      Automatically upgrade devices to each firmware in the upgrade path before upgrade to the selected version. Recommended.

      Directly update to v<version and build number>

      Bypass the upgrade path to immediately upgrade devices to the selected firmware. A warning message is displayed: Upgrading to FortiOS v<version and build number> directly may result in the loss of configuration.

      When upgrading from mature firmware to feature firmware, a warning message appears about the maturity level of the selected firmware for the upgrade.

    3. Click Next.

      If you are upgrading from a mature to a feature firmware version, the Confirm pane opens with a warning message. Click Confirm to proceed to the Choose Schedule options.

      The Choose Schedule options are displayed.

  4. Choose when to start the upgrade process.

    1. Set Upgrade schedule to Immediate or Custom:

      Immediate

      Select to start the upgrade process immediately.

      Custom

      Select to display the Upgrade date and time options to schedule when to start the upgrade process.

      Note

      In a custom upgrade, the configuration backups are saved when the administrator schedules the upgrade. If the scheduled upgrade occurs after further configuration changes are made, the latest changes will not be saved in a new backup configuration file.

    2. Click Next. The Review pane is displayed.

  5. Review the firmware updates, and click Confirm and Backup Config to initiate the upgrade process.

    The pane enters a loading state to wait for all FortiGate configurations to save. Once completed, the pane closes and the device list refreshes to reflect the latest changes. In this example, the next step is to start the first step in the upgrade path on a schedule.

    The Cancel Fabric Upgrade button is also displayed if you want to cancel the upgrade.

Previous
Next