Fortinet black logo

FortiNAC Manager Environments

Home FortiNAC 9.4.0 FortiNAC Manager Environments
9.4.0
9.4.0
9.2.0
9.1.0

Overview

Overview

This document applies to FortiNAC appliances managed by the FortiNAC Manager. Provides the steps for a customer to migrate their existing FortiNAC virtual appliances with the CentOS operating system to new FortiNAC-F virtual appliances with the FortiNAC-OS operating system. It assumes the customer is using perpetual endpoint licenses.

Once migration is complete, the FortiNAC-F appliances will have the license, entitlements and configuration as the original FortiNAC appliances.

Requirements

  • FortiNAC Manager must be using perpetual endpoint licenses (Support Type = License Support). To confirm, login to the Customer Portal (https://support.fortinet.com) and review the Entitlements section for the Manager.

  • Contact sales to obtain the new FortiNAC-F appliances (FNC-CAX-xx/FNC-MX-xx). Registration codes for the new product will then be sent via email.

  • Both appliances in the High Availability pair should be migrated in the same session. In a High Availability configuration, both FortiNAC servers must match all of the following:

    • Model (FNC-CAX-VM, FNC-CA-500F, FNC-CA-600F , FNC-CA-700F, FNC-MX-VM, FNC-M-550F)

    • Virtual Appliance Vendor (Hyper-V, AWS, Azure, etc)

      Configuration examples

      Supported

      (Primary/Secondary)

      Not Supported

      (Primary/Secondary)

      FNC-CA-500F / FNC-CA-500F

      FNC-CAX-VM (AWS) / FNC-CAX-VM (AWS)

      FNC-M-550F / FNC-M-550F

      FNC-MX-VM (VMware) / FNC-MX-VM (VMware)

      FNC-CA-500F / FNC-CA-600F

      FNC-CAX-VM / FNC-CA-xxxF

      FNC-CAX-VM / FNC-CA-VM

      FNC-CAX-VM (AWS) / FNC-CAX-VM (KVM)

      FNC-MX-VM / FNC-M-550F

      FNC-MX-VM (VMware) / FNC-MX-VM (AWS)

  • Existing FortiNAC CentOS appliances (FNC-CA-xx/FNC-M-xx) should be running one of the following versions*

    • FortiNAC Software Versions

      • v9.1.10 or greater

      • v9.2.8 or greater

      • v9.4.3 or greater

      • v7.2.2 or greater

        *Important: If not all PODs will be migrated in the same session, upgrade to the same version as the FortiNAC-OS appliances.

  • New FortiNAC-OS appliances should be running FortiNAC Software Version F7.2.2 or greater for the migration tools

  • F7.2.5, F7.4.0 or greater: Migration tool may need to be copied from the FortiNAC-OS appliance to CentOS appliances during the data collection step. The FortiNAC-OS performs a version check during cutover. If the migration tool used is not the same version, an error occurs. For details, see KB article 292261 (https://community.fortinet.com/t5/FortiNAC-F/Technical-Tip-How-to-Migrate-a-Standalone-CentOS-FortiNAC-to/ta-p/292261)

  • Temporary management IP address

  • CLI access to both the CentOS and FortiNAC-OS appliances

Considerations

The process outlined and the tools used for this migration is not supported for the following configurations:

  • FortiNAC Manager is using subscription endpoint licenses (Support Type = FortiNAC VM)

  • FortiNAC Control (FNC-C-xx) and Application (FNC-A-xx) Appliance Pairs

  • FortiNAC-OS system to another FortiNAC-OS system

Migration Steps

Below are the steps required to complete the migration.

Step 1: Product Registration*

Step 2: Transfer Endpoint License Entitlements *

Step 3: Appliance Installation

Step 4: Generate and Download Keys

Step 5: Appliance Configuration

Step 6: Download & Install New License Key

--- PERFORM REMAINING STEPS DURING MAINTENANCE WINDOW* ---

Step 7: Migrate Managed Servers - Collect & Transfer CentOS Migration Data

Step 8: Migrate Managed Servers - Cutover to New Appliance

Step 9: Migrate FortiNAC Manager - Collect & Transfer CentOS Migration Data

Step 10: Migrate FortiNAC Manager - Cutover to New Appliance

Step 11: Update Allowed Serial Number List (if necessary)

*See Preparation Checklist for suggested timelines to complete step.

Previous
Next

Overview

This document applies to FortiNAC appliances managed by the FortiNAC Manager. Provides the steps for a customer to migrate their existing FortiNAC virtual appliances with the CentOS operating system to new FortiNAC-F virtual appliances with the FortiNAC-OS operating system. It assumes the customer is using perpetual endpoint licenses.

Once migration is complete, the FortiNAC-F appliances will have the license, entitlements and configuration as the original FortiNAC appliances.

Requirements

  • FortiNAC Manager must be using perpetual endpoint licenses (Support Type = License Support). To confirm, login to the Customer Portal (https://support.fortinet.com) and review the Entitlements section for the Manager.

  • Contact sales to obtain the new FortiNAC-F appliances (FNC-CAX-xx/FNC-MX-xx). Registration codes for the new product will then be sent via email.

  • Both appliances in the High Availability pair should be migrated in the same session. In a High Availability configuration, both FortiNAC servers must match all of the following:

    • Model (FNC-CAX-VM, FNC-CA-500F, FNC-CA-600F , FNC-CA-700F, FNC-MX-VM, FNC-M-550F)

    • Virtual Appliance Vendor (Hyper-V, AWS, Azure, etc)

      Configuration examples

      Supported

      (Primary/Secondary)

      Not Supported

      (Primary/Secondary)

      FNC-CA-500F / FNC-CA-500F

      FNC-CAX-VM (AWS) / FNC-CAX-VM (AWS)

      FNC-M-550F / FNC-M-550F

      FNC-MX-VM (VMware) / FNC-MX-VM (VMware)

      FNC-CA-500F / FNC-CA-600F

      FNC-CAX-VM / FNC-CA-xxxF

      FNC-CAX-VM / FNC-CA-VM

      FNC-CAX-VM (AWS) / FNC-CAX-VM (KVM)

      FNC-MX-VM / FNC-M-550F

      FNC-MX-VM (VMware) / FNC-MX-VM (AWS)

  • Existing FortiNAC CentOS appliances (FNC-CA-xx/FNC-M-xx) should be running one of the following versions*

    • FortiNAC Software Versions

      • v9.1.10 or greater

      • v9.2.8 or greater

      • v9.4.3 or greater

      • v7.2.2 or greater

        *Important: If not all PODs will be migrated in the same session, upgrade to the same version as the FortiNAC-OS appliances.

  • New FortiNAC-OS appliances should be running FortiNAC Software Version F7.2.2 or greater for the migration tools

  • F7.2.5, F7.4.0 or greater: Migration tool may need to be copied from the FortiNAC-OS appliance to CentOS appliances during the data collection step. The FortiNAC-OS performs a version check during cutover. If the migration tool used is not the same version, an error occurs. For details, see KB article 292261 (https://community.fortinet.com/t5/FortiNAC-F/Technical-Tip-How-to-Migrate-a-Standalone-CentOS-FortiNAC-to/ta-p/292261)

  • Temporary management IP address

  • CLI access to both the CentOS and FortiNAC-OS appliances

Considerations

The process outlined and the tools used for this migration is not supported for the following configurations:

  • FortiNAC Manager is using subscription endpoint licenses (Support Type = FortiNAC VM)

  • FortiNAC Control (FNC-C-xx) and Application (FNC-A-xx) Appliance Pairs

  • FortiNAC-OS system to another FortiNAC-OS system

Migration Steps

Below are the steps required to complete the migration.

Step 1: Product Registration*

Step 2: Transfer Endpoint License Entitlements *

Step 3: Appliance Installation

Step 4: Generate and Download Keys

Step 5: Appliance Configuration

Step 6: Download & Install New License Key

--- PERFORM REMAINING STEPS DURING MAINTENANCE WINDOW* ---

Step 7: Migrate Managed Servers - Collect & Transfer CentOS Migration Data

Step 8: Migrate Managed Servers - Cutover to New Appliance

Step 9: Migrate FortiNAC Manager - Collect & Transfer CentOS Migration Data

Step 10: Migrate FortiNAC Manager - Cutover to New Appliance

Step 11: Update Allowed Serial Number List (if necessary)

*See Preparation Checklist for suggested timelines to complete step.

Previous
Next