This article provides instructions to disable automatic firmware upgrades on FortiGate devices through FortiManager and FortiGuard.
Scope
FortiGate, FortiManager.
Solution
Disabling Firmware Upgrades through FortiManager.
To disable automatic firmware upgrades on FortiGate devices managed by FortiManager, perform the following steps:
config system central-managementd set allow-push-firmware disable set allow-remote-firmware-upgrade disable end
- set allow-push-firmware disable: Disables the ability to push firmware updates from the central management system (FortiManager) to the FortiGate devices. This prevents firmware updates from being pushed to the devices.
- set allow-remote-firmware-upgrade disable: Disables the ability to perform remote firmware upgrades on the FortiGate devices from the central management system (FortiManager). This prevents remote firmware upgrades from being initiated.
Disabling Auto-Firmware Upgrade through FortiGuard.
To disable the auto-firmware upgrade feature through FortiGuard, perform the following steps:
config system fortiguard set auto-firmware-upgrade disable set gui-prompt-auto-upgrade disable end config system federated-upgrade set status disabled end
Cancel Any Scheduled Upgrades.
Run the following command to cancel any immediate or scheduled upgrades:
execute federated-upgrade cancel
This command will prompt the user to confirm the cancellation: Type Y and enter.