Fortinet black logo

Cookbook

Downgrading to a previous firmware version

Copy Link
Copy Doc ID 30be976a-bbb3-11ee-8673-fa163e15d75b:929924
Download PDF

Downgrading to a previous firmware version

note icon

Downgrading the firmware is not recommended.

This procedure downgrades the FortiGate to a previous firmware version. The backup configuration might not be able to be restored after downgrading.

To downgrade to a previous firmware version in the GUI:
  1. Log into the FortiGate GUI as the admin administrative user.
  2. Go to System > Firmware.
  3. Under Upload Firmware, click Browse and locate the previously downloaded firmware image file (see Downloading a firmware image).
  4. Click Confirm version downgrade.
  5. Click Backup config and downgrade.

    The FortiGate unit backs up the current configuration to the management computer, uploads the firmware image file, upgrades to the new firmware version, and restarts. This process takes a few minutes.

To downgrade to a previous firmware version in the CLI:
  1. Make sure that the TFTP server is running.
  2. Copy the new firmware image file to the root directory of the TFTP server.
  3. Log into the CLI.
  4. Ping the TFTP server to ensure that the FortiGate can connect to it:

    execute ping <tftp_ipv4>

  5. Enter the following command to copy the firmware image from the TFTP server to the FortiGate unit:

    execute restore image tftp <filename> <tftp_ipv4>

    The FortiGate unit responds with the message:

    This operation will replace the current firmware version!

    Do you want to continue? (y/n)

  6. Type y. The FortiGate unit uploads the firmware image file, then a message similar to the following is shown:

    Get image from tftp server OK.

    Check image OK.

    This operation will downgrade the current firmware version!

    Do you want to continue? (y/n)

  7. Type y. The FortiGate unit downgrades to the old firmware version and restarts. This process takes a few minutes.
  8. Reconnect to the CLI.
  9. Update the antivirus and attack definitions:

    execute update-now

Downgrading to a previous firmware version

note icon

Downgrading the firmware is not recommended.

This procedure downgrades the FortiGate to a previous firmware version. The backup configuration might not be able to be restored after downgrading.

To downgrade to a previous firmware version in the GUI:
  1. Log into the FortiGate GUI as the admin administrative user.
  2. Go to System > Firmware.
  3. Under Upload Firmware, click Browse and locate the previously downloaded firmware image file (see Downloading a firmware image).
  4. Click Confirm version downgrade.
  5. Click Backup config and downgrade.

    The FortiGate unit backs up the current configuration to the management computer, uploads the firmware image file, upgrades to the new firmware version, and restarts. This process takes a few minutes.

To downgrade to a previous firmware version in the CLI:
  1. Make sure that the TFTP server is running.
  2. Copy the new firmware image file to the root directory of the TFTP server.
  3. Log into the CLI.
  4. Ping the TFTP server to ensure that the FortiGate can connect to it:

    execute ping <tftp_ipv4>

  5. Enter the following command to copy the firmware image from the TFTP server to the FortiGate unit:

    execute restore image tftp <filename> <tftp_ipv4>

    The FortiGate unit responds with the message:

    This operation will replace the current firmware version!

    Do you want to continue? (y/n)

  6. Type y. The FortiGate unit uploads the firmware image file, then a message similar to the following is shown:

    Get image from tftp server OK.

    Check image OK.

    This operation will downgrade the current firmware version!

    Do you want to continue? (y/n)

  7. Type y. The FortiGate unit downgrades to the old firmware version and restarts. This process takes a few minutes.
  8. Reconnect to the CLI.
  9. Update the antivirus and attack definitions:

    execute update-now