How To Perform Scheduled Upgrade For FortiGates Using FortiManager
Description
Scope
FortiManager.
Solution
1. If FortiManager is operating in a closed network and cannot download FortiGuard images, the firmware can be manually downloaded from the Fortinet Support Portal and then uploaded into FortiManager via FortiGuard → Local Images → Import → Upload firmware.
2. Create a new firmware template in FortiManager by going to Device Manager → Firmware Templates and selecting Create New.
3. Under ‘Upgrade Details’, select ‘Create New’ in the firmware template and then select the appropriate product, platform, and version to be upgraded to.
4. Under Install Window in FortiManager, select the schedule type and define the start time and end time for the upgrade activity.
The start time indicates when the upgrade will begin, while the end time defines when the process should stop.
It is also recommended to enable “Follow the Recommended Upgrade Path” under Upgrade Options.
Note: If the upgrade is not completed within the defined end time, the process will be automatically stopped.
5. Assign the firmware template to the device to be upgraded.
6. When the firmware template reaches its scheduled time, FortiManager displays a notification showing the upgrade progress of the managed FortiGate devices in real time.
7. After the upgrade is completed, the notification will disappear from FortiManager.
You can then verify the new firmware version on both FortiGate and FortiManager to confirm that the upgrade was successful.
Troubleshooting:
On FortiManager:
execute tac report
diagnose fwmanager fwm-log
On the FortiGate:
While the upgrade is in progress, on FortiManager enable debug:
diagnose debug application fgfmsd 255