FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article explains how to successfully migrate a FortiGate-VM from VMware to Proxmox. The same logic can be used for different Hypervisors.
Scope
FortiGate-VM.
Solution
Make sure that both the VMware and Proxmox VMs have the same number of interfaces and the same interface order. Both KVM and ESXI FortiGates will assign ports in the order they are assigned to the VM. For example, the first interface will be port1, the second will be port2, etc. As long as the port mapping is in the same order in both VMware and Proxmox, it will align correctly and work fine.
Deploy the new VM on Proxmox, matching the same FortiOS version.
Perform a backup configuration of the VMware FortiGate VM. It will be necessary to edit the configuration header to match the new VM.
Example:
This is the configuration header for a VMware FortiGate:
config-version=FGVM64-7.6.3-FW-build3510
While this is the configuration header for a KVM FortiGate:
config-version=FGVMK6-7.6.3-FW-build3510
For the KVM FortiGate to accept the configuration backup from the VMware FortiGate, 'FGVM64' needs to be replaced with 'FGVMK6'.
Shutdown the VMware VM. This is important because of the license, as there can only be a single VM connected to FortiGuard per license.
Restore the configuration on the Proxmox VM and upload the .lic file.
