Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
nbctcp
New Contributor III

Replace a Fortigate in HA to newer model

I ask this question to Indonesia Forti employee this morning

Let say I have Fortigate HA with same model.

Later next year my model already EOL.

If one of Fortigate died and need to be replaced with newer model.

He said that must use same model

 

QUESTIONS: 1. anyone tried replacing with newer and better model. maybe not exactly the same model but similar model. number of ports are the same but maybe faster CPU and bigger RAM tq

http://goo.gl/lhQjmUhttp://nbctcp.wordpress.com
2 Solutions
ShawnZA

Hardware revision refers to the same model ie 200E but the hardware inside might be different, like the hard drive.

 

From Fortigate:

Some FortiGate models have multiple versions of hardware. Typically this means minor changes such as an increase of memory or a different disk drive vendor while retaining the same major platform name. These different versions are known as "revision" levels (For example FortiGate 5001B rev1, FortiGate 5001B rev2).

 

View solution in original post

ede_pfau
Esteemed Contributor III

VRRP will work with Fortigates but IMHO it's clumsy and takes a lot of time for failover. No comparison to FOS HA.

Usually, if I run a FGT HA cluster, my devices have at least a FortiCare subscription. If one unit fails, I have it replaced, and it's Fortinet's trouble to supply the same model even if it's out of production. I guess your case is different...


Ede

"Kernel panic: Aiee, killing interrupt handler!"

View solution in original post

Ede"Kernel panic: Aiee, killing interrupt handler!"
11 REPLIES 11
tioeudes

By experience, I tried to form a cluster with two 1500D units with different disk sizes, and even with the ignore-hardware parameter enabled, did not work.

 

So I believe it only works with small models.

ede_pfau
Esteemed Contributor III

You cannot use a HW licence for a VM. But, you could talk to your FTNT partner if the remaining service time can be compensated by a rebate for the new contract. It's up to FTNT but usually they do.

As nice as a VM is in view to redundancy (just restart the VM), for a Fortigate IMHO it's a bad choice. One of the biggest assets of the whole Fortinet product range is the hardware-assisted acceleration of the Fortigates. You will have a hard time to provide enough resources to mimic that on a VM, and even if, not at the same cost.


Ede

"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
Labels
Top Kudoed Authors