FortiManager Administration Guide has a section "Upgrading an ADOM" but I need to downgrade (from 5.2 to 5.0) in order to add a device which is on 5.0.
If there's no feature to downgrade an ADOM, is there a work-around to avoid deleting and re-creating an ADOM?
R's, Alex
there is no ADOM downgrade support, since there is no support for config db downgrade
and we only support ADOM db upgrade, for now, 4.3 -> 5.0 and 5.0 -> 5.2
but why you need "downgrade"? want to keep the old ADOM db config? you can just leave the old ADOM there and create a new 5.0 ADOM?
thanks
Simon
Hi Simon, (as in previous times, thank you for taking time to respond),
scao_FTNT wrote:but why you need "downgrade"? want to keep the old ADOM db config? you can just leave the old ADOM there and create a new 5.0 ADOM?
What will be the advantage of keeping the old ADOM? AFAIK, I cannot copy the ADOM database between ADOMs, so, I'd still need to import the devices into the new ADOM and at least for one of the devices, I'd need to imports its configuration in order to populate the ADOM - correct?
R's, Alex
actually your question/feedback help us to improve FMG and FAZ functions and thanks for your support :)
for now, we only support ADOM version upgrade, which is based on FOS upgrade logic to convert old version config to new version config, we also support 5.0 ADOM package config install to 5.2 FGT, using same upgrade logic for the convert, but no support for downgrade case.
and for your case, you need to create 5.0 ADOM, add 5.0 device and do the import, to import 5.0 device config to ADOM db for its policy package
Thanks
Simon
scao_FTNT wrote:for now, we only support ADOM version upgrade, which is based on FOS upgrade logic to convert old version config to new version config, we also support 5.0 ADOM package config install to 5.2 FGT, using same upgrade logic for the convert, but no support for downgrade case.
and for your case, you need to create 5.0 ADOM, add 5.0 device and do the import, to import 5.0 device config to ADOM db for its policy package
In my case, I have an existing 5.2 device, which I have previously used with a 5.2 ADOM. Now, I need to add a a new 5.0 device.
I created a new 5.0 ADOM and added both devices (VDOMs, actually, which were automatically removed from the 5.2 ADOM!)
The 5.0 ADOM has empty Policy Package and I wanted to import Policies from the 5.2 (since it's populated from 5.2 ADOM I previously had the device in), but I got "Cannot run import because device's firmware version is different than ADOM version."
So, it seems that I cannot import Policies from 5.2 device into a 5.0 ADOM (but I can install Policies Package from 5.0 ADOM to 5.2 device) correct?
for import, we only support same version import, so 5.2 ADOM, only 5.2 device can import, but not for 5.0 device (and 5.2 ADOM can not install to 5.0 device, only 5.0 ADOM install to 5.2 device or 4.3 ADOM install to 5.0 device)
Thanks
Simon
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.