Overview
This document applies to FortiNAC appliances configured for High Availability. Provides the steps for a customer to migrate their existing FortiNAC virtual appliances with the CentOS operating system to new FortiNAC-F virtual appliances with the FortiNAC-OS operating system. It assumes the customer is using perpetual endpoint licenses.
Once migration is complete, the FortiNAC-F appliances will have the license, entitlements and configuration as the original FortiNAC appliances.
If managed by a FortiNAC Manager, do not use this document. Proceed to:
CentOS to FortiNAC-OS VM Migration - FortiNAC Manager Environments
https://docs.fortinet.com/document/fortinac/9.4.0/fortinac-manager-environments
Requirements
-
The FortiNAC Primary Server must be using perpetual endpoint licenses (Support Type = License Support). To confirm, login to the Customer Portal (https://support.fortinet.com) and review the Entitlements section for the Control Server.
-
Contact sales to obtain the new FortiNAC-F appliances (FNC-CAX-xx/FNC-MX-xx). Registration codes for the new product will then be sent via email.
-
Both appliances in the High Availability pair should be migrated in the same session. In a High Availability configuration, both FortiNAC servers must match all of the following:
-
Model (FNC-CAX-VM, FNC-CA-500F, FNC-CA-600F , FNC-CA-700F, FNC-MX-VM, FNC-M-550F)
-
Virtual Appliance Vendor (Hyper-V, AWS, Azure, etc)
-
Configuration Examples
Supported (Primary/Secondary) |
Not Supported (Primary/Secondary) |
---|---|
FNC-CA-500F / FNC-CA-500F FNC-CAX-VM (AWS) / FNC-CAX-VM (AWS) FNC-M-550F / FNC-M-550F FNC-MX-VM (VMware) / FNC-MX-VM (VMware) |
FNC-CA-500F / FNC-CA-600F FNC-CAX-VM / FNC-CA-xxxF FNC-CAX-VM / FNC-CA-VM FNC-CAX-VM (AWS) / FNC-CAX-VM (KVM) FNC-MX-VM / FNC-M-550F FNC-MX-VM (VMware) / FNC-MX-VM (AWS) |
-
Recommended FortiNAC software versions
-
Existing FortiNAC CentOS appliances
-
v9.1.9 or greater*
-
v9.2.7 or greater*
-
v9.4.2 or greater* **
-
vF7.4.0 or greater for the migration tools * ** ***
* Later versions may require importing of key certificates prior to upgrade. See Importing License Key Certificates.
** Later versions may require new license keys prior to upgrade. See KB article Upgrade fails with license requirement error)
*** Steps are provided to import the migration tool from the FortiNAC-OS appliance if CentOS appliances are not running 7.4.0 or greater.
-
-
New FortiNAC-OS appliances: F7.4.0 or greater for the migration tools
-
-
Temporary management IP address
-
CLI access to both the CentOS and FortiNAC-OS appliances
Considerations
The process outlined and the tools used for this migration is not supported for the following configurations:
-
FortiNAC is using subscription endpoint licenses (Support Type = FortiNAC VM)
-
FortiNAC Control (FNC-C-xx) and Application (FNC-A-xx) Appliance Pairs
-
Moving FortiNAC-OS system to another FortiNAC-OS system
Migration Steps
Below are the steps required to complete the migration.
Step 1: Product Registration*
Step 2: Transfer Endpoint License Entitlements*
Step 3: Appliance Installation
Step 4: Generate and Download Keys
Step 5: Appliance Configuration
Step 6: Download & Install New License Key
--- PERFORM REMAINING STEPS DURING MAINTENANCE WINDOW* ---
Step 7: Collect & Transfer CentOS Migration Data
Step 8: Cutover to New Appliance
*See Preparation Checklist for suggested timelines to complete step.