Troubleshooting Tip: How to replace FortiGate Serial Number from FortiAnalyzer

When FortiGate is replaced for RMA, the Serial Number will be changed. When the Serial Number of FortiGate has been changed, FortiAnalyzer will not be able to recognize the FortiGate and the status will show 'Red'.

Rather than integrate New FortiGate (via RMA) with FortiAnalyzer, it is better to change the FortiGate old Serial Number to the New Serial Number. This setting can be performed via CLI, and the command is:

execute device replace sn <device Name existed from FortiAnalyzer> <New FortiGate Serial Number>

execute device replace sn CECV FG201FXXXXXXXX <----- This is to clarify the FortiGate SN been changed.

From the new FortiGate, configure the FortiAnalyzer using CLI (adding the FortiAnalyzer Serial-Number):

config log fortianalyzer setting
    set status enable
    set server "10.X.X.X"
    set serial "FAZ-VMTMXXXXXXXXX"
    set upload-option realtime

       set reliable enable
end

Then the GUI will show that the FortiAnalyzer has been authorized and the status FortiGate will show 'UP'.

The command is only capable of use for the same FortiGate Model Device.

Example:

200F replace with 200F

FGVM02TM with FGVM02TM

If been replaced with a different model, the error will show as below:

CATH-XXXXXXX # execute device replace sn tutu FG201FTXXXXX
Serial number 'FG201FTCCCCCC' does not match this device's model
Command fail. Return code -651

For the different model devices, it is necessary to register FortiGate as a 'New Device'.

Related articles:

• Technical Tip: Delete the unused Serial Number associated with a device in a cluster
• device (for execute device replace in the FortiAnalyzer CLI reference)