Upgrading from 6.0.12 or 6.0.13 to 7.0.2 or 7.0.3
FortiPortal may be upgraded from 6.0.12 or 6.0.13 directly to 7.0.2 or 7.0.3. You must first upgrade your system from any earlier version to 6.0.12.
See Notes for important details that may affect your upgrade. |
To upgrade FortiPortal 6.0.12 or 6.0.13 to 7.0.2 or 7.0.3:
-
Create a MySQL backup file from your current FortiPortal database.
The backup file can be created by running this command in your terminal:
mysqldump -u[Your_User_Name] -p[Your_Password] --all_databases > [Your_FileName]
Example:
mysqldump -uJohnDoe -pPassword --all_databses > MyFPCv6.sql
-
Download the
upgrade_tool
script from the Fortinet Customer Service & Support website (https://support.fortinet.com/):-
Log into FortiCloud.
-
Click Support in the header menu, then select Firmware Download.
-
In Select Product, select FortiPortal.
-
In the Download tab, navigate to FortiPortal > v7.0.0 > 7.0 > 7.0.2.
-
Click
upgrade_tool
to download the script.The same script is used for upgrading to 7.0.2 and 7.0.3.
This script processes your database backup file and outputs a new file you will upload to your new FortiPortal 7.0.2 or 7.0.3 installation.
The upgrade tool must be run in a Linux environment. The required version is Ubuntu 22.04 or later with Python 3.9.x or higher. Other operating system families such as Debian and CentOS are not verified and are not guaranteed to work successfully.
It requires root (
sudo
) access to run. -
-
In your terminal, run
chmod +x upgrade_tool
to make it executable. -
Run
sudo ./upgrade_tool
. When prompted, input your linux system password. -
At the prompt
Please enter your file name:
, enter the path to the MySQL dump file you created in step 1. For example,MyFPCv6.sql
.After the upgrade tool finishes running, a file
fpc_upgrade.bk
is created. -
Shutdown the current FortiPortal VM.
-
Install a new FortiPortal 7.0.2 or 7.0.3 VM (see Installation).
-
In the new FortiPortal, go to Dashboard > System Configuration, click Restore System, and upload the
fpc_upgrade.bk
file. The system reboots when the restore process is complete.
The upgrade tool also generates a JSON file named |
After you shutdown your current FortiPortal VM, you must wait two hours for the license to be released to use it on the new FortiPortal 7.0.2 or 7.0.3 VM. |
Notes
-
Themes, alerts, and FortiAP devices are not retained in this upgrade process.
-
You must re-enter the passwords for all connected FortiManagers and FortiAnalyzers.
-
If SMTP email authentication is enabled, you must re-enter that password.
-
User spuser from FortiPortal 6 is changed to spuser_old.
-
The authentication method is reset to local.
If re-enabling remote authentication, you must to re-enter the Remote Server Key (FortiAuthenticator and RADIUS) but other remote authentication info is retained.
-
Users will need to use their temporary password from the
user_pwd
file generated by the upgrade tool to log in. -
The policy installation scheduler installation time is reset to
00:00
. -
The FortiManager device repo status is set to Unknown, as there is no such data in the previous version.
-
Device display name are now in the format of {adom}/{serial_number}/vdom.
-
All profiles now have a prefix of v6- (for example, v6-System Admin).
-
Any role with a combination of multiple roles is converted into a new profile with a new name combining the roles (for eaxmple, v6-foo_v6-bar).
-
FortiPortal 6.0 and 7.0 have different permission control designs. These are the permission changes made during the upgrade:
-
Provider > Organization: If Customer, Sites, and Reports permissions are different, Organization is set to Custom.
-
Provider > Device: If FortiManager and FortiAnalyzer have different permissions, Device is set to Custom.
-
Provider > System: If Settings/Profile/Admins/Themes have different permissions, System is set to Custom.
-
Provider > Additional Resources: Set to Read.
-
Provider > Notification: Set to Read.
-
Provider > Audit: Set to Read/Write.
-
Customer > Insights: If Dashboard, Monitor, Health, and Logs have different permission, Insights is set to Custom.
-
Customer > Insights > Monitors: Shares the same permissions as Logs.
-
Customer > Insights > Logs: If Traffic, IPS, Sandbox, AV, DNS, App-Control, Web-Filter, and Event have different permissions, Logs is set to Custom.
-
Customer > Security: If Policy, Firewall, Network, Routing have different permissions, Security is set to Custom.
-
Customer > Security > Policy: Everything under Policy retains permissions from FortiPortal 6.0.
-
Customer > Security > Objects: If not everything under Objects share the same permissions, Firewall Objects is set to Custom.
-
Customer > Security > Network: If not everything under Network shares the same permissions, Network is set to Custom.
-
Customer > Security > Routing: Set to None.
-
Customer > SD-WAN: If Monitoring and Configuration have different permissions, SD-WAN is set to Custom.
-
Customer > Switch: Set to None.
-
Any other permissions that are new in FortiPortal 7.0 are set to None.
-