FortiGate
gmanea
Staff
Article Id 194743

Description


When FortiGate firmware is upgraded, the new firmware image is stored on one boot partition (which becomes the primary image), while the previous firmware image remains on the other partition as a backup (the secondary image). In some cases a firmware upgrade causes unexpected issues, and reverting to the previous image is a fast fix worth considering. This article describes how to revert FortiGate to the previous firmware image when the unit is part of an HA cluster, where some precautions are required.


Scope


FortiGate HA.


Solution


FortiGate has two boot partitions on its flash drive to store firmware images and configuration files.

This only works on physical appliances: Virtual Machines do not have the dual boot option. An alternative for VMs is to create snapshots before the upgrade.


Back up the configuration before reverting to the previous firmware. Then, through the CLI, use the following commands to list the stored firmware images and select which one should be used at the next reboot:

FGT # diag sys flash list
Partition  Image                            TotalSize(KB)  Used(KB)  Use%  Active
1          FGT61E-7.02-FW-build1517-230606  253920         102716    40%   Yes
2          FGT61E-7.02-FW-build1262-221109  253920         98304     39%   No
3          ETDB-90.06786                    3021708        232936    8%    No
Image build at Jun 6 2023 16:47:58 for b1517


As per the above output, partition 1 is active and holds the current firmware, 7.2.5 (build 1517), while partition 2 holds the previous firmware, 7.2.3 (build 1262).

FGT # execute set-next-reboot {primary | secondary}

Primary and secondary simply refer to partition number 1 and partition number 2 respectively. Partition number 3 can be ignored.


FGT # execute set-next-reboot secondary <----- In this example it is 'secondary', as the goal is to roll back to partition 2.
Default image is changed to image# 2.


Once the partition to boot from has been selected, reboot the FortiGate.

This can be done using the command:
FGT # execute reboot

When it comes to HA operation, there are a few things to note:
  • These commands are not synchronized and must be used on every FortiGate unit member of the cluster.
  • The units will boot with the newly selected firmware image and the HA master will be selected according to FortiOS HA master election process.
  • Note the override flag, device priority and monitored interfaces on each unit before rebooting, since these settings determine which unit is elected master afterwards.
  • Direct console access, cable access to a port, or dedicated management interface is strongly recommended for each of the units in the cluster.
  • If the units are not rebooted at the same time, the cluster may no longer form after the reboot, creating a split-brain scenario. The second unit may then not be reachable through 'exec ha manage'.
  • All configuration changes performed since the upgrade will be lost, so if access to the FortiGate was changed after the upgrade, it must be reconfigured.
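Because the 'set-next-reboot' command is not synchronized, a common mistake is to roll back one member to a build the other member does not have, after which the cluster cannot re-form. The following added example (not from the article or from Fortinet; it only parses captured CLI output and issues no commands) reads the 'diag sys flash list' output saved from each member, works out which partition keyword to pass to 'execute set-next-reboot', and checks that every member would boot the same image. The sample outputs and the unit names FGT-A, FGT-B and FGT-C are constructed; the mismatched build on FGT-C is a placeholder.

```python
from __future__ import annotations
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Partition:
    number: int
    image: str
    active: bool


# Constructed sample outputs modelled on the article's listing (not real captures).
UNIT_A_OUTPUT = """\
FGT-A # diag sys flash list
Partition  Image                            TotalSize(KB)  Used(KB)  Use%  Active
1          FGT61E-7.02-FW-build1517-230606  253920         102716    40%   Yes
2          FGT61E-7.02-FW-build1262-221109  253920         98304     39%   No
3          ETDB-90.06786                    3021708        232936    8%    No
Image build at Jun 6 2023 16:47:58 for b1517
"""
# Healthy second member: same active image, same backup image.
UNIT_B_OUTPUT = UNIT_A_OUTPUT.replace("FGT-A", "FGT-B")
# Mismatched member: its backup partition holds a different (placeholder) build.
UNIT_C_OUTPUT = UNIT_A_OUTPUT.replace("FGT-A", "FGT-C").replace(
    "build1262-221109", "build9999-000000"
)

# One partition row: number, image, total KB, used KB, use %, Active flag.
ROW_RE = re.compile(r"^\s*(\d+)\s+(\S+)\s+\d+\s+\d+\s+\d+%\s+(Yes|No)\s*$")


def parse_flash_list(text: str) -> list[Partition]:
    """Extract the partition rows, ignoring the prompt, header and footer lines."""
    parts = []
    for line in text.splitlines():
        m = ROW_RE.match(line)
        if m:
            parts.append(Partition(int(m.group(1)), m.group(2), m.group(3) == "Yes"))
    return parts


def rollback_target(parts: list[Partition]) -> tuple[str, Partition]:
    """Return the keyword for 'execute set-next-reboot' and the partition it selects.

    Only partitions 1 (primary) and 2 (secondary) hold firmware; partition 3
    (the ETDB database) is ignored, as the article says.
    """
    firmware = [p for p in parts if p.number in (1, 2)]
    active = [p for p in firmware if p.active]
    inactive = [p for p in firmware if not p.active]
    if len(active) != 1 or len(inactive) != 1:
        raise ValueError(f"expected one active and one inactive firmware partition, got {firmware}")
    target = inactive[0]
    return ("primary" if target.number == 1 else "secondary", target)


def check_cluster(outputs: dict[str, str]) -> dict:
    """Compare the listings of all HA members.

    The cluster only re-forms after the reboot if every member boots the same
    image, so the rollback keyword and image must agree across members.
    """
    plan = {}
    for unit, text in outputs.items():
        keyword, target = rollback_target(parse_flash_list(text))
        plan[unit] = (keyword, target.image)
    issues = []
    if len({kw for kw, _ in plan.values()}) > 1:
        issues.append(f"members disagree on the rollback partition: {plan}")
    if len({img for _, img in plan.values()}) > 1:
        issues.append(f"rollback images differ between members: {plan}")
    return {"plan": plan, "consistent": not issues, "issues": issues}


if __name__ == "__main__":
    for members in ({"FGT-A": UNIT_A_OUTPUT, "FGT-B": UNIT_B_OUTPUT},
                    {"FGT-A": UNIT_A_OUTPUT, "FGT-C": UNIT_C_OUTPUT}):
        result = check_cluster(members)
        for unit, (keyword, image) in result["plan"].items():
            print(f"{unit}: execute set-next-reboot {keyword}   # boots {image}")
        print("consistent:", result["consistent"], result["issues"])
```

Run the check on the listings of all members first; only when it reports consistent should the same 'execute set-next-reboot' keyword be issued on each unit, followed by a simultaneous reboot.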