What happens if one Fortigate device expires license on an HA pair

Forum|Forum|1 year ago
November 12, 2024
2 replies
2846 views

Newbie question here, I'm working in an MSP, and one of our clients Fortigate FW license expired which caused web browsing to be blocked. I've look into this and was able to get things working before we renewed the license.

Our team is planning to give recommendations on purchasing a similar fortigate appliance with identical license but with different expiry dates. I just want to be sure if this will work, if the primary FW loses its subscription will the 2nd device take over if the subscription on it are still active?

FortiGate

Best answer by dingjerry_FTNT

Hi @kgcppublic ,

If one of the HA cluster members expires the licenses, the whole HA cluster will show the expired information for the licensing.

johnathan

Staff

Each device in the HA cluster needs to be licensed in order for the features to work. The cluster will always take the lowest expiry date on any device. See this article for details: https://community.fortinet.com/t5/FortiGate/Technical-Tip-The-HA-Cluster-requirements/ta-p/325375

Never trust a computer you can't throw out a window.

dingjerry_FTNTAnswer

Staff

Hi @kgcppublic ,

If one of the HA cluster members expires the licenses, the whole HA cluster will show the expired information for the licensing.

ELCaminooo

Staff

What will happen on the inspection capabilities of the HA Cluster if one of the members license expires? Aside from showing the expired license in the GUI since once of the members still have valid UTP license

dingjerry_FTNT

Staff

As long as the FGT GUI is showing expired licenses (even if one of the cluster members has valid licenses), it will be treated as having expired licenses for the whole HA cluster.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded