Technical Tip: How to Migrate FortiManager configuration from premise to Public Cloud
Description
This article describes how to Migrate FortiManager configuration from premise to Public 0662605Cloud.
For Demo select AWS as a cloud platform and service use FTP.
The procedure is the same for another cloud vendor as well.
Examples: Azure, Alibaba Cloud, etc.
Scope
FortiManager.
Solution
- Keep FortiManager in AWS with the same firmware version as on-premise FortiManager i.e. if the on-premise FortiManager firmware version is 6.4.2 then in FMG-AWS firmware has to be v6.4.2.
- Before migration keep on-premise FortiManager in sync with FortiGate:
- Take on-premise FortiManager configuration backup:
Or backup FortiManager config from CLI:
- FMG-AWS 'Device manager' before migration:
FTP server setting:
In this scenario, Filezilla FTP has been used:
On-premise FortiManager backup saved in fmgbackup folder which is also selected in FileZilla directories:
On-premise FortiManager backup saved in fmgbackup folder which is also selected in FileZilla directories:
Note:
Make sure FTP is reachable from FMG-AWS and FTP ports are open in AWS security group:
- Reachability: check using ping from FMGAWS to FTP server IP:
FMGAWS#exe ping x.x.x.x <----- FTP server IP.-In AWS, security group, check if the port is open.
- Migrate config from FTP to FMG-AWS. In FMG-AWS needs to be executed below command:
After the Configuration is transferred successfully from FTP to FMG-AWS, FortiManager will reboot once, and later backup configuration will appear in FMG-AWS.
Note.
System settings will remain as they were before loading the configuration file. To copy over system settings from the original model, they are viewable from the CLI and can be copied manually between models.
Related Articles:
Technical Note: Using 'exec migrate' to migrate to a new FortiAnalyzer / FortiManager model
New Feature - Migrate the FortiManager instance from a different platform supported in the GUI