Here's a link regarding the firmware upgrade of a standalone FortiGate firewall using the web GUI.
To check the current FortiOS firmware version (in FortiOS 6.x), go to System > Firmware > Current version: FortiOS v6.4.6 build6083
You can perform a firmware upgrade either online via FortiGuard or manually (offline) which I've performed in this post. My target firmware is 7.2.2 build1255.
Always
check the upgrade path using the Fortinet Upgrade Path tool and release notes. Select Current
Product from the drop-down option (FortiGate-40F) > select Current FortiOS
Version: 6.4.6 > select Upgrade to FortiOS Version: 7.2.2 > click GO.
The Recommended Upgrade Path is: 6.4.6 build 1879 > 6.4.8 build 1914 > 7.0.7 build 0367 > 7.2.2 build 1255.
Since I'm already on firmware version 6.4.6 build 6083, I upgraded first to 6.4.8 build 1914.
Go to FortiCloud
> Support > Downloads > Firmware Download. You'll need to create a login and valid support contract in order to download the firmware.
Go to Download tab
Select the v7.00 directory folder.
Select the 7.2 directory folder.
Download
the firmware according to FortiGate platform/model. In this case I used a FortiGate 40F.
Use the get system status command to verify in CLI.
FW01_PRI # get system status
Version: FortiGate-40F v6.4.6,build6083,210729 (GA)
Firmware Signature: certified
Virus-DB: 1.00000(2018-04-09 18:07)
Extended DB: 1.00000(2018-04-09 18:07)
IPS-DB: 6.00741(2015-12-01 02:30)
IPS-ETDB: 0.00000(2001-01-01 00:00)
APP-DB: 6.00741(2015-12-01 02:30)
INDUSTRIAL-DB: 6.00741(2015-12-01 02:30)
Serial-Number: FGT40FTK21091234
IPS Malicious URL Database: 4.00561(2022-12-15 11:35)
BIOS version: 05000021
System Part-Number: P24680-04
Log hard disk: Not available
Hostname: FW01_PRI
Private Encryption: Disable
Operation Mode: NAT
Current virtual domain: root
Max number of virtual domains: 10
Virtual domains status: 1 in NAT mode, 0 in TP mode
Virtual domain configuration: disable
FIPS-CC mode: disable
Current HA mode: standalone
Branch point: 1879
Release Version Information: GA
System time: Fri Feb 10 20:39:21 2023
Download the firmware files needed for the upgrade path.
Click Checksum to view the MD5 and SHA-512 checksum code string/hash.
Click HTTPS
hyperlink to download the firmware file.
Go to System > Firmware > Select
file > Browse > select the firmware file in your PC.
Click Backup config and upgrade.
Click Continue to proceed.
FortiGate-40F #
Firmware upgrade in progress ...
The FortiGate device will auto reboot. The firmware upgrade took around 3 minutes to complete and the login page with auto refresh.
The FortiGate will automatically backup the config and save in Downloads folder.
Upon login, it will show a quick video of the latest features in the new firmware.
The FortiGate doesn't have an Internet connection yet, so it failed to load the video.
Click OK to procced.
You can view the current firmware (in FortiOS 6.x) under System > Firmware > Current version: FortiOS v6.4.8 build 1914.
You can also view the firmware using the get system status command.
FortiGate-40F # get system status
Version: FortiGate-40F v6.4.8,build1914,211117 (GA)
Firmware Signature: certified
Virus-DB: 1.00000(2018-04-09 18:07)
Extended DB: 1.00000(2018-04-09 18:07)
IPS-DB: 6.00741(2015-12-01 02:30)
IPS-ETDB: 0.00000(2001-01-01 00:00)
APP-DB: 6.00741(2015-12-01 02:30)
INDUSTRIAL-DB: 6.00741(2015-12-01 02:30)
Serial-Number: FGT40FTK2101234
IPS Malicious URL Database: 1.00001(2015-01-01 01:01)
BIOS version: 05000021
System Part-Number: P24680-04
Log hard disk: Not available
Hostname: FortiGate-40F
Private Encryption: Disable
Operation Mode: NAT
Current virtual domain: root
Max number of virtual domains: 10
Virtual domains status: 1 in NAT mode, 0 in TP mode
Virtual domain configuration: disable
FIPS-CC mode: disable
Current HA mode: standalone
Branch point: 1914
Release Version Information: GA
System time: Sun Feb 12 03:17:50 2023
Perform the same steps until the target firmware is upgraded.
Starting FortiOS version 7.0, the firmware version is either checked under System Firmware or Fabric Management > Firmware Version: v7.0.7 build 0367.
To upgrade firmware, go to System > Firmware > File Upload.
Select the target firmware image file > click Confirm and Backup Config.
Alternatively, you can go to System > Fabric Management > select Device: FortiGate-40F > Upgrade.
Select File Upload > select Firmware image file > click Confirm and Backup Config.
Click Continue to proceed.
FortiGate-40F # get system status
Version: FortiGate-40F v7.2.2,build1255,220930 (GA.F)
Firmware Signature: certified
Virus-DB: 1.00000(2018-04-09 18:07)
Extended DB: 1.00000(2018-04-09 18:07)
AV AI/ML Model: 0.00000(2001-01-01 00:00)
IPS-DB: 6.00741(2015-12-01 02:30)
IPS-ETDB: 0.00000(2001-01-01 00:00)
APP-DB: 6.00741(2015-12-01 02:30)
INDUSTRIAL-DB: 6.00741(2015-12-01 02:30)
IPS Malicious URL Database: 1.00001(2015-01-01 01:01)
IoT-Detect: 0.00000(2001-01-01 00:00)
Serial-Number: FGT40FTK2101234
BIOS version: 05000021
System Part-Number: P24680-04
Log hard disk: Not available
Hostname: FortiGate-40F
Private Encryption: Disable
Operation Mode: NAT
Current virtual domain: root
Max number of virtual domains: 10
Virtual domains status: 1 in NAT mode, 0 in TP mode
Virtual domain configuration: disable
FIPS-CC mode: disable
Current HA mode: standalone
Branch point: 1255
Release Version Information: GA
System time: Sun Feb 12 03:34:24 2023
Last reboot reason: warm reboot
No comments:
Post a Comment