I am currently setting up a new FMG. I have 8 FGTs in total. Two of them are 100Es running 7.2 firmware and the rest are 100Fs running 7.4 firmware. I have created two separate ADOMS... one for 7.2 devices and the other for 7.4 devices. My goal is to use the VPN Manager to create a Full Mesh IPSEC topology across all 8 fortigates. Will I be able to do that while the two 100Es are in a separate ADOM? If not, what is recommended to get this accomplished?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Why not run them all on the same version?
I wish I could but it seems that firmware upgrades stop at 7.2 for the 100Es.... 7.4 is not available.
Hi @Modnet
unfortunately, that is not possible in VPN Manager, they must be in the same ADOM
else you will need to create tunnels in the device manager
Thanks,
Ahmad
Created on 11-14-2023 02:52 PM Edited on 11-14-2023 02:54 PM
Ok thank you. If they are in the same 7.4 ADOM but some fortigates are running 7.2 and some are running 7.4 will it work? I need a full mesh topology.
- in theory you can, but moving 7.2 FGTs to 7.4 ADOM will not move the policies and you will not be able to import them.
- you will need to create policies for the vpn
- there is a solution that may work, by creating external gateways and connecting them, that will need Professional Services help
Here is what I did. Please tell me if it will work. I had a 7.2 ADOM with my 7.2 FGTs. I imported the policies from the 7.2 FGTs and then upgraded the ADOM to 7.4. Then I added the 7.4 FGTs and imported there policies. My thought is I will be ok to push policies to both 7.2 and 7.4 FGTs, as long as I never make changes on the FGTs and make all changes from the FMG. Will this work, or should I downgrade my 100Fs to match my 100Es. 7.4 is not available for the 100Es. This is my dilemma.
This should work, only the policy import will not work
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1705 | |
1093 | |
752 | |
446 | |
230 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.