I ask this question to Indonesia Forti employee this morning
Let say I have Fortigate HA with same model.
Later next year my model already EOL.
If one of Fortigate died and need to be replaced with newer model.
He said that must use same model
QUESTIONS: 1. anyone tried replacing with newer and better model. maybe not exactly the same model but similar model. number of ports are the same but maybe faster CPU and bigger RAM tq
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hardware revision refers to the same model ie 200E but the hardware inside might be different, like the hard drive.
From Fortigate:
Some FortiGate models have multiple versions of hardware. Typically this means minor changes such as an increase of memory or a different disk drive vendor while retaining the same major platform name. These different versions are known as "revision" levels (For example FortiGate 5001B rev1, FortiGate 5001B rev2).
VRRP will work with Fortigates but IMHO it's clumsy and takes a lot of time for failover. No comparison to FOS HA.
Usually, if I run a FGT HA cluster, my devices have at least a FortiCare subscription. If one unit fails, I have it replaced, and it's Fortinet's trouble to supply the same model even if it's out of production. I guess your case is different...
Hello nbctcp,
Sorry but it can't be done. Fortigate devices should be the same model to form a cluster.
Regards,
Eudes Braga
How about this # execute ha ignore-hardware-revision enable
Hardware revision refers to the same model ie 200E but the hardware inside might be different, like the hard drive.
From Fortigate:
Some FortiGate models have multiple versions of hardware. Typically this means minor changes such as an increase of memory or a different disk drive vendor while retaining the same major platform name. These different versions are known as "revision" levels (For example FortiGate 5001B rev1, FortiGate 5001B rev2).
If that the case then when that happen I need to change from HA to VRRP
[link]https://forum.fortinet.com/tm.aspx?m=160969[/link]
VRRP will work with Fortigates but IMHO it's clumsy and takes a lot of time for failover. No comparison to FOS HA.
Usually, if I run a FGT HA cluster, my devices have at least a FortiCare subscription. If one unit fails, I have it replaced, and it's Fortinet's trouble to supply the same model even if it's out of production. I guess your case is different...
Also, VRRP won't provide configuration sync, which can be a problem.
Yes there is an option on HA configuration to ignore diffs in hardware , meaning for example 300C with 300E not 300C with 1500C ....
see:
https://kb.fortinet.com/kb/viewContent.do?externalId=FD35376&sliceId=1
--------------------------------------------
If all else fails, use the force !
It didn't mention 300C to 300E but FortiGate 5001B rev1, FortiGate 5001B rev2.
Another alternative instead of hardware then use vm.
But I don't know whether the same license key can be used in case of replacing server hardware
You do know a 300C and 300E are not even close to be identical ( cpu, memory, and number and type of ports & PS ).
Let's be clear, "no you can not make a HA cluster with a 300C and 300E".
Ken Felix
PCNSE
NSE
StrongSwan
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1517 | |
1013 | |
749 | |
443 | |
209 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.