Special notices
Support of FortiLink features
Refer to the FortiSwitchOS feature matrix for details about the FortiLink features supported by each FortiSwitchOS model.
Downgrading FortiSwitchOS 7.0.0 and later to versions earlier than 6.2.6 or 6.4.4 is not supported
Downgrading FortiSwitchOS 7.0.0 and later to FortiSwitchOS 6.2.6 and later 6.2 versions is supported. Downgrading FortiSwitchOS 7.0.0 and later to FortiSwitchOS 6.4.4 and later 6.4 versions is supported. Downgrading FortiSwitchOS 7.0.0 and later to versions earlier than FortiSwitchOS 6.2.6 or 6.4.4 is not supported.
Downgrading FortiSwitchOS 7.0.0 and later requires converting the admin password first
Because FortiSwitchOS 7.0.0 changed from SHA1 to SHA256 encryption for admin passwords, you need to convert the format of the admin password before downgrading from FortiSwitchOS 7.0.0 and later to an earlier FortiSwitchOS version.
If you do not convert the admin password before downgrading from FortiSwitchOS 7.0.0 and later, the admin password will not work after the switch reboots with the earlier FortiSwitchOS version. |
The encrypted admin password in FortiSwitchOS 7.0.0 and higher starts with “SH2”, and the encrypted admin password for earlier FortiSwitchOS versions starts with “AK1”.
If you do not want to convert the format of the FortiSwitch admin password, you can use the FortiOS CLI to override the managed FortiSwitch admin password with the FortiGate admin password.
To convert the format of the admin password in FortiSwitchOS 7.0.0 and later before downgrading to an earlier FortiSwitchOS version:
- Enter the following FortiSwitchOS CLI command to convert the admin password from SHA256 to SHA1 encryption:
execute system admin account-convert <admin_name>
- Downgrade your firmware.
To override the managed FortiSwitch admin password with the FortiGate admin password:
config switch-controller switch profile
edit <FortiSwitch_profile_name>
set login-passwd-override enable
set login-passwd <new_password>
end
NAC policies not maintained or converted when upgrading from 6.4 to 7.2
When you upgrade from FortiOS 6.4 to FortiOS 7.2.0, existing NAC policies are not maintained or automatically converted into dynamic port policies. They have to be reconfigured.