FortiGate
saleha (Staff)
Article Id 324308
Description

This article describes how to perform a common task: migrating managed devices such as FortiSwitch and FortiAP units from one FortiGate to another, for example when a FortiGate is replaced.

Scope

FortiSwitch, FortiAP, FortiGate.
Solution

Migrate FortiSwitch:

 

  • Before migration, make sure the old FortiGate and the new (replacement) FortiGate run the same FortiOS release. Copying configuration between different releases can fail because commands, settings, and features differ between versions.
  • De-authorize the FortiSwitch on the old FortiGate and disconnect it. Connect it to the new FortiGate and complete the usual steps to bring it online and authorize it, so that it is managed by the new unit. Then copy the 'switch-controller' configuration from the old FortiGate to the new one.

    This configuration is located under 'config switch-controller managed-switch'. It contains one entry per managed FortiSwitch, keyed by the switch serial number, holding the switch-level settings and the settings of every port on that switch.



Alternatively, copy the switch-controller configuration to the new FortiGate first, while the FortiSwitch(es) are still neither connected to nor managed by the new unit, and make the physical connection at the planned migration time.

  • A different approach from manual migration is the FortiConverter service, a licensed service that includes assistance from the FortiConverter team. See this document.

Migrate FortiAP:

 

  • Three pieces of configuration must be carried over for the FortiAP migration to succeed: the FortiGate interface that the FortiAP connects through, the 'wireless-controller wtp-profile' the AP uses, and the 'wireless-controller wtp' entry for the AP itself.
  • The following commands and settings are an example of the required configuration, taken from a FortiGate managing a FortiAP 231E over a VLAN on the FortiLink interface:

    config system interface
        edit "apvlan"
            set vdom "root"
            set ip 172.16.3.1 255.255.255.0
            set allowaccess fabric
            set device-identification enable
            set role lan
            set snmp-index 27
            set ip-managed-by-fortiipam disable
            set interface "fortilink"
            set vlanid 10
        next
    end

    config wireless-controller wtp-profile
        edit "FAP231E-default"
            config platform
                set type 231E
                set ddscan enable
            end
            set handoff-sta-thresh 55
            config radio-1
                set band 802.11g 802.11n-2G
            end
            config radio-2
                set band 802.11a 802.11n-5G 802.11ac-5G
                set channel-bonding 40MHz
            end
            config radio-3
                set mode monitor
            end
        next
    end

    config wireless-controller wtp
        edit "FP231ETF19001292"
            set uuid 4835ee58-e35c-51ef-fc1a-95aa3617f747
            set admin enable
            set wtp-profile "FAP231E-default"
            config radio-1
            end
            config radio-2
            end
        next
    end

 

  • Paste the blocks into the new FortiGate in the order shown: the interface first, then the wtp-profile, then the wtp. A 'wireless-controller wtp' entry refers to its profile by name ('set wtp-profile'), so the profile must already exist, and the parent interface named in the VLAN ('set interface "fortilink"') must exist on the new unit as well. On the AP-facing interface, 'set allowaccess fabric' is what lets the FortiAP reach the controller (FortiOS 7.x folded CAPWAP access into the Security Fabric connection option).
  • 'set uuid' and 'set snmp-index' are assigned automatically by each FortiGate. Leave them out when pasting: the new unit generates its own values, and a copied snmp-index may already belong to another interface there.
  • The 'edit' key of the wtp entry is the FortiAP serial number, and the 'set type' under 'config platform' in the wtp-profile must match the AP model (231E here); a profile for a different platform cannot be assigned to that AP.
  • When the FortiAP is managed through a VLAN interface on the FortiGate, make sure the VLAN that is tagged on the switch uplink toward the FortiGate is configured as the native (untagged) VLAN on the switch port directly connected to the FortiAP, because the AP sends its management traffic untagged. For an example with a FortiSwitch, see Troubleshooting Tip: Managed FortiAP showing as Offline/Down.
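As an added example (not part of this article and not Fortinet code), the script below pulls exactly the blocks named in both procedures above out of a FortiGate configuration backup: 'config switch-controller managed-switch', the AP-facing entry of 'config system interface', 'config wireless-controller wtp-profile' and 'config wireless-controller wtp'. It keeps only the chosen interface rather than every interface of the old unit, drops the per-unit 'uuid' and 'snmp-index' values, orders the sections so that each profile exists before the wtp that refers to it, and reports any wtp whose profile is not in the backup. The sample configuration embedded in it is constructed from the fragments shown above plus placeholder entries (serials ending in zeros are not real devices); the function names are the example's own.

```python
"""Carve the sections this article says to migrate (AP-facing interface, wtp-profile,
wtp, switch-controller managed-switch) out of a FortiGate config backup for pasting into
the replacement unit. Added example, not Fortinet code; SAMPLE_CONFIG is constructed."""

AUTO_FIELDS = ("set uuid ", "set snmp-index ")   # per-unit values: never copy them
MIGRATION_ORDER = ("system interface", "wireless-controller wtp-profile",   # profile first:
                   "wireless-controller wtp", "switch-controller managed-switch")  # wtp refers to it

SAMPLE_CONFIG = """\
#config-version=FGT-7.2:opmode=0:vdom=0
config system interface
    edit "port1"
    next
    edit "apvlan"
        set ip 172.16.3.1 255.255.255.0
        set snmp-index 27
        set interface "fortilink"
        set vlanid 10
    next
end
config wireless-controller wtp-profile
    edit "FAP231E-default"
    next
end
config wireless-controller wtp
    edit "FP231ETF19001292"
        set uuid 4835ee58-e35c-51ef-fc1a-95aa3617f747
        set wtp-profile "FAP231E-default"
    next
    edit "FP231E0000000000"
        set wtp-profile "FAP231E-missing"
    next
end
config switch-controller managed-switch
    edit "S124EN0000000000"
        config ports
            edit "port1"
            next
        end
    next
end
"""

def _walk(text):
    """Yield (depth, stripped, raw) per line; only config/end move depth, so a header and its end share one depth."""
    depth = 0
    for raw in text.splitlines():
        s = raw.strip()
        if s.startswith("#"):                    # backup header lines
            continue
        if s == "end":
            depth -= 1
        yield depth, s, raw
        if s.startswith("config "):
            depth += 1

def extract_section(config_text, section):
    """Return the top-level 'config <section>' ... 'end' block verbatim, or '' if absent."""
    out = []
    for depth, s, raw in _walk(config_text):
        if depth == 0 and s == "config " + section:
            out = [raw]
        elif out:
            out.append(raw)
            if depth == 0 and s == "end":
                return "\n".join(out) + "\n"
    return ""

def select_entries(block, names):
    """Keep only the named top-level entries (depth 1); nested edits such as switch ports never match."""
    keep, keeping = [], False
    for depth, s, raw in _walk(block):
        if depth == 1 and s.startswith("edit "):
            keeping = s.split(None, 1)[1].strip('"') in names   # 'edit "apvlan"' -> apvlan
        if depth == 0 or keeping:                # header/footer, plus the chosen bodies
            keep.append(raw)
    return "\n".join(keep) + "\n" if keep else ""

def strip_auto_fields(block):
    """Drop uuid/snmp-index: the new unit generates its own, and a copied snmp-index may already be taken."""
    return "".join(l + "\n" for l in block.splitlines() if not l.strip().startswith(AUTO_FIELDS))

def missing_profiles(config_text):
    """AP serial -> wtp-profile for each wtp whose profile is absent; pasting that wtp would fail."""
    prof = extract_section(config_text, "wireless-controller wtp-profile")
    defined = {s.split(None, 1)[1].strip('"') for d, s, _ in _walk(prof) if d == 1 and s.startswith("edit ")}
    refs, ap = {}, None
    for depth, s, _ in _walk(extract_section(config_text, "wireless-controller wtp")):
        if depth == 1 and s.startswith("edit "):
            ap = s.split(None, 1)[1].strip('"')
        elif depth == 1 and s.startswith("set wtp-profile "):
            refs[ap] = s.split(None, 2)[2].strip('"')
    return {a: p for a, p in refs.items() if p not in defined}

def build_paste_script(config_text, ap_interfaces):
    """CLI text for the new FortiGate: dependency order, only the AP-facing interface(s), auto fields removed."""
    parts = []
    for section in MIGRATION_ORDER:
        block = extract_section(config_text, section)
        if section == "system interface":
            block = select_entries(block, set(ap_interfaces))
        parts.append(strip_auto_fields(block))
    return "".join(parts)
```

Run it against a full backup (a configuration file downloaded from the GUI or taken with 'execute backup config'), call build_paste_script with the name of the AP-facing interface, and paste the result into the new FortiGate's CLI. Review the output and the result of missing_profiles first: anything else the blocks refer to, such as the parent 'fortilink' interface or VLANs named in switch port settings, must already exist on the new unit, and multi-line quoted values (certificates) are not expected in these sections and are not handled.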