Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
JNDias
Staff
Staff

Created on ‎03-06-2023 01:41 AM Edited on ‎11-06-2024 11:02 PM By Moderator

Article Id 248186

Technical Tip: Migrate a FortiGate Cloud account to another one

Description This article describes how to move a FortiGate that is already deployed to FortiGate Cloud to another account and retain its historical data.
Scope FortiGate, FortiGate Cloud and FortiCare.
Solution

Requirements before proceeding:

  • Have admin access to the FortiGate, as well as both the source and destination migration FortiCloud and FortiGate Cloud accounts.
  • Be a master account user.
  • Log migration is only supported within the same FortiGate Cloud region.

 

Migrating FortiGate to a different FortiGate Cloud account:

 

From the FortiGate Cloud portal:

  1. FortiGate Cloud 'Assets'/'Network Overview'.
  2. Select the gear icon on the line of the FortiGate to migrate.

 

JNDias_0-1678091218086.png

 

  1. Select 'Migrate Existing Data'.

     

    JNDias_1-1678091228108.png

     

  2. Enter the email of the destination 'FortiGate Cloud' main account and 'submit'. The data will be migrated.

     

    JNDias_2-1678091249520.png

    JNDias_3-1678091261738.png

     

  3. Go to FortiGate and reactivate FortiGate Cloud using the main account email for the destination FortiGate Cloud account in the CLI command:

     

    execute fortiguard-log login <destination account email> <password>

  4. The device joins the destination FortiGate Cloud account in the same region (US | Europe | Global) as it had in the source FortiGate Cloud Account. All of the logs will now be available in the destination FortiGate Cloud account.

 
Notes:
  • After logging in to the destination account, logs are no longer visible in the source account.
  • For FortiGate clusters, each cluster member has to be moved individually.
  • FortiCloud keys cannot be used to move a FortiGate from one account to another if the FortiGate already exists in one FortiCloud account.
  • Migrating logs between different FortiGate Cloud regions are not supported.


After FortiGate Cloud migration, the device is still registered to the previous Asset Management Portal:


The process above only affects FortiGate Cloud logging and central management. The license and any support contracts are still associated with the Asset Management Portal in the existing FortiCloud account. If an administrator logs out of FortiGate Cloud and later attempts to log in to FortiGate Cloud from GUI, the account shown will be the current FortiCloud account id. To reconnect to the destination FortiGate Cloud account, use 'execute fortiguard-log login' as in step 5.

 

If the FortiGate is moved to FortiGate Cloud but not to FortiCloud, there will be a 'FortiCloud Migration' notification visible next to the device in the new FortiGate Cloud portal. This is expected and informs the FortiGate Cloud administrator that the device license is still registered to a different account.

 

Asset Registration Notification.png

 

No action needs to be taken unless asset management should also be transferred including licenses and support contracts. To transfer these, see 'Administration Guide: Transfer a device to another FortiCloud account'.
3569
0 Kudos
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.