Hello forum,
is there any way how to change a Fortigate version in the Root ADOM running on the FAZ 5.6? I did the upgrade from the version 5.4 to 5.6 but I cannot change the FG version for the root ADOM, thus I had to create a new ADOM and move the FG 5.6 to this ADOM. But then I have 2 ADOMs, the empty root ADOM and the ADOM for the FG 5.6 which I find fairly unnecessary.
Thank you for any hint.
Regards,
Jozef
The version # associated with an ADOM is not significant on the FortiAnalyzer, only on the FortiManager. In our next patch releases of FAZ 5.4 & 5.6, we will be hiding the ADOM version to underline this.
As we say in the FAZ Best Practices guide (under "ADOM Design"), "You do not need to separate ADOMs by FortiOS versions."
Hi Jozef,
I just found your question while browsing this forum for another question I got. well that sounds like the FAZ has the same issue on 5.6 GA as the Manager has. I found a limitation which told me, that the FMG 5.6 GA has no way included to use the upgrade function for updating the root db/adom in this release. Since Fortinet develops both products very similar and combines features and the release of 5.6 for both products was on the same day, I wouldn't be surprised that the FAZ has the same limitation on 5.6 GA. so we will have to wait for a further bugfix release which might include the ability to upgrade the root adom.
you just have two options in the meanwhile, first thing you already figured out on your own is by creating another adom on 5.6 and move your devices into this area. the other option is to setup a new FortiAnalyzer based on 5.6 (if you're using it as a virtual device), or to perform a factoryreset on your hardware FAZ which is already on 5.6 and restore your backup data into it, then it should work with 5.6 root adom out of the box as there won't be another adom left in 5.6 per default :)
hopefully this will be fixed in a higher version, but we can be glad that Fortinet finally has released the 5.6 upgrade after it was available for the Firewalls since months.
best regards
Markus Eggeling
Hi there,
The post seems to be old, but I shall just share my experience. I had a FMG with 5.6.0 with Root ADOM version 5.4, the policy package and databsae objects were created with 5.4 ADOM version.
The FortiGates managed by this FMG were also running 5.4.x firmware version.
My goal was to upgrade the FMG to 5.6.5 firmware version and FortiGates to 5.6.x version.
I faced some issues/bugs and most probably it was because of the 5.6.0 firmware version on FMG, which is too buggy.
The option to upgrade the Root ADOM was disabled or greyed out, even though the FMG & FGTs were on 5.6.x version.
The solution for me was to perform the following steps:
(NOTE: Always follow the upgrade path, else you shall have a lot of fortifun ;) )
[ol]
Hope it helps.
Thanks & regards,
Prab :)
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.