Fortinet black logo

Administration Guide

Updating CentOS

Copy Link
Copy Doc ID dc02a854-ab11-11ea-8b7d-00505692583a:526726
Download PDF

Updating CentOS

This document describes the method for updating CentOS on FortiNAC appliances and virtual machines. It is recommended that the operating system be updated regularly to maintain the highest possible level of security on the server. Refer to Fortinet CentOS Update Policy for additional details.

Operating system updates

In a high availability (HA) environment with redundant servers or in the case of a FortiNAC Control Server/Application Server pair, all of the servers can be updated from the Operation System Updates panel. If a server cannot be reached an error message displays in the table along with the IP address of the server.

When the Operating System Updates panel is accessed, the table is empty. Clicking the Check for Updates button contacts the update repository and determines whether all of the available updates have been installed on each FortiNAC server. The status of each server is displayed in the table. Servers are updated by clicking the Update. Operating system updates are downloaded from Fortinet via FTP, HTTP or HTTPS. When an update is initiated the following event is generated: Operating System Update Initiated.

The update process can take a long time and requires that the updated servers be rebooted.

Requirements

  • FortiNAC firmware versions 6.x and higher (CentOS 7).

  • Access to fnac-updates.fortinet.net from each appliance or virtual machine.

  • HTTP access to centos.org from each appliance or virtual machine.

  • Maintenance window to reboot the appliance or virtual machine after installing the updates.

  • Hardware appliances: Dell hardware with one of these SKUs:

    FNC-CA-XXXC, FNC-C-XXXXC, FNC-A-XXXXC, FNC-M-550C

  • Legacy models:

    FNC-R-650C, SYS-BFN330-XXXX, SYS-BFN630-XXXX, SYS-BFN630XL-XXXX, SYS-G-BFN630-XXXX, SYC-FNT440-XXX, SYC-FNT440XL-XXX, SYC-FNT330-000

  • Outbound internet access is recommended for all servers that are being updated.
  • If you are running FortiNAC in a virtual machine, take a snapshot of the VM before updating the operating system.
  • Update packages are signed and will not install if keys do not match those on the appliance or virtual machine.

Update the operating system

  1. Click System > Settings.
  2. Expand the Updates folder.
  3. Select Operating System from the tree.
  4. Click Check for Updates to check the FTP server for updates and assess whether the FortiNAC servers are up to date or not.
  5. Click Update All to begin downloading and installing the operating system updates.
  6. A warning is displayed indicating that this is a long process and that you must reboot the server after the update. Click Yes to continue.
  7. Use Show Log at the bottom of the table to view a log of the update process.
  8. When the update is complete, select System Management > Power Management from the tree.
  9. Select each server and click Reboot to reboot the FortiNAC Server. If you have a Control Server and an Application Server, they must both be rebooted.
Settings

Field

Definition

Check For Updates Button

Queries the Fortinet FTP site to determine if there are updates available and to check the update status of each FortiNAC server.

Update All Button

Displays only when there are updates available. The Status field indicates the status of the server selected in the table. It is the same as the Status column in the table.

Host

Name of the FortiNAC server.

Product

Type of FortiNAC server. Types include:

  • FortiNAC Server
  • FortiNAC Control Server
  • FortiNAC Application Server

Status

Indicates the overall update status of the FortiNAC Server or Control Server/Application server pair, including:

Updates Available:Updates are available for one or more of the FortiNAC servers listed in the table.

Up To Date: All servers are up to date.

Error - Unable to establish an FTP session to downloads.bradfordnetworks.com

Error - Unable to ping host

Error - Unable to ssh to host

Last Updated

Date and time of the last update attempt.

Last Update Status

Indicates the state of the last update. States include:

Never Updated: Server has never had an operating system update.

Success: Server was updated successfully.

Failed: Update attempt has failed.

Last Update Duration

Amount of time that it took to update the server on the most recent update attempt. If the last update was not successful, this number may be very low.

Show Log

Displays the update log.

Updating CentOS

This document describes the method for updating CentOS on FortiNAC appliances and virtual machines. It is recommended that the operating system be updated regularly to maintain the highest possible level of security on the server. Refer to Fortinet CentOS Update Policy for additional details.

Operating system updates

In a high availability (HA) environment with redundant servers or in the case of a FortiNAC Control Server/Application Server pair, all of the servers can be updated from the Operation System Updates panel. If a server cannot be reached an error message displays in the table along with the IP address of the server.

When the Operating System Updates panel is accessed, the table is empty. Clicking the Check for Updates button contacts the update repository and determines whether all of the available updates have been installed on each FortiNAC server. The status of each server is displayed in the table. Servers are updated by clicking the Update. Operating system updates are downloaded from Fortinet via FTP, HTTP or HTTPS. When an update is initiated the following event is generated: Operating System Update Initiated.

The update process can take a long time and requires that the updated servers be rebooted.

Requirements

  • FortiNAC firmware versions 6.x and higher (CentOS 7).

  • Access to fnac-updates.fortinet.net from each appliance or virtual machine.

  • HTTP access to centos.org from each appliance or virtual machine.

  • Maintenance window to reboot the appliance or virtual machine after installing the updates.

  • Hardware appliances: Dell hardware with one of these SKUs:

    FNC-CA-XXXC, FNC-C-XXXXC, FNC-A-XXXXC, FNC-M-550C

  • Legacy models:

    FNC-R-650C, SYS-BFN330-XXXX, SYS-BFN630-XXXX, SYS-BFN630XL-XXXX, SYS-G-BFN630-XXXX, SYC-FNT440-XXX, SYC-FNT440XL-XXX, SYC-FNT330-000

  • Outbound internet access is recommended for all servers that are being updated.
  • If you are running FortiNAC in a virtual machine, take a snapshot of the VM before updating the operating system.
  • Update packages are signed and will not install if keys do not match those on the appliance or virtual machine.

Update the operating system

  1. Click System > Settings.
  2. Expand the Updates folder.
  3. Select Operating System from the tree.
  4. Click Check for Updates to check the FTP server for updates and assess whether the FortiNAC servers are up to date or not.
  5. Click Update All to begin downloading and installing the operating system updates.
  6. A warning is displayed indicating that this is a long process and that you must reboot the server after the update. Click Yes to continue.
  7. Use Show Log at the bottom of the table to view a log of the update process.
  8. When the update is complete, select System Management > Power Management from the tree.
  9. Select each server and click Reboot to reboot the FortiNAC Server. If you have a Control Server and an Application Server, they must both be rebooted.
Settings

Field

Definition

Check For Updates Button

Queries the Fortinet FTP site to determine if there are updates available and to check the update status of each FortiNAC server.

Update All Button

Displays only when there are updates available. The Status field indicates the status of the server selected in the table. It is the same as the Status column in the table.

Host

Name of the FortiNAC server.

Product

Type of FortiNAC server. Types include:

  • FortiNAC Server
  • FortiNAC Control Server
  • FortiNAC Application Server

Status

Indicates the overall update status of the FortiNAC Server or Control Server/Application server pair, including:

Updates Available:Updates are available for one or more of the FortiNAC servers listed in the table.

Up To Date: All servers are up to date.

Error - Unable to establish an FTP session to downloads.bradfordnetworks.com

Error - Unable to ping host

Error - Unable to ssh to host

Last Updated

Date and time of the last update attempt.

Last Update Status

Indicates the state of the last update. States include:

Never Updated: Server has never had an operating system update.

Success: Server was updated successfully.

Failed: Update attempt has failed.

Last Update Duration

Amount of time that it took to update the server on the most recent update attempt. If the last update was not successful, this number may be very low.

Show Log

Displays the update log.