Created on 07-17-2019 08:10 AM Edited on 04-04-2024 12:13 AM By Anthony_E
Description
This article describes the possibilities to upgrade the firmware on FortiAuthenticator from GUI and CLI.
While the GUI upgrade is common, starting from firmware branch 6.0 the FortiAuthenticator has the option to import a firmware image file from the CLI. Before 6.0 only hardware models had the boot menu where an upload from a clean firmware image was possible.
With this new CLI command, it is also possible to perform upgrades by pushing the newer firmware image via FTP/TFTP.
Solution
Back up the configuration, then follow the procedure below to upgrade the firmware.
Before installing FortiAuthenticator firmware, download the firmware image from the Fortinet Support website, then upload it from your computer to the FortiAuthenticator.
Before firmware upgrade:
As best practice, it is important to read the release notes, which are also available from the Fortinet Customer Service & Support site (https://support.fortinet.com/) at the same location from where the firmware image has been downloaded.
Once downloaded, review the special notices, upgrade information, product integration, and support, and resolve issues, known issues, and limitations.
Release notes and documentation can be also found here:
FortiAuthenticator
Firmware upgrade process from GUI.
The browser uploads the firmware file.
The time required varies by the size of the file and the speed of the network connection.
When the file transfer is complete, the following message is shown: 'It is recommended that a system backup is taken at this point'.
Once complete, verify the download, then select the 'Start Upgrade' button.
If an error about an incorrect platform is received, the VM host platform does not match the VM platform the FortiAuthenticator is running at, for example, KVM, VMWare, Hyper-V, or Xen.
Wait until the unpacking, upgrade, and reboot process has been completed (usually 3-5 minutes), then refresh the page.
When the upgrade completes, refresh the web browser to see the login window.
Firmware upgrade process from CLI.
FTP:
execute restore image ftp <filename> <ftp_ipv4>
TFTP:
execute restore image tftp <filename> <tftp_ipv4> <----- Where <filename> is the name of the firmware image file and <ftp_ipv4> or <tftp_ipv4> is the IP address of the FTP/TFTP server.
Type 'y' to confirm the upgrade process.
FortiAuthenticator downloads the firmware image file from the server upgrades to the new firmware version and restarts.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.