Technical Tip: How to register the LENC license in a FortiGate HA cluster
Description
Â
This article describes how to enable encryption on LENC devices when these are in an HA cluster.
Â
Scope
Â
FortiGate, HA cluster.
Solution
Â
The first step is to register the license in the Fortinet Customer Service and Support web portal at Support. This will generate the license key. This step must be repeated for all members in the cluster.
To retrieve the license key, choose the asset to which the LENC license upgrade was registered, and on 'License & Key', select 'Show License Key'. A pop-up will appear containing the license key:
The license keys must then be entered into each device.
Â
Using the CLI on the primary device.
Â
execute crypto-license <high-encryption-key>Â
Change in the CLI to the secondary device, where <id> is the ID for the other member of the cluster:
Â
execute ha manage <id>Â
Enter the key in the secondary device.
Â
execute crypto-license <high-encryption-key>Reboot the appliance.
Â
(Optional) In order to use deep inspection with strong encryption certificates with more than 512 bits, renew all default certificates.
Follow the steps in Technical Tip: Unable to perform deep inspection after upgrade from LENC to High Encrypt to renew them.