Hello all,
Sorry for the title but let me explain..
So a customer of ours have a broken fortigate 50E that will need to be replaced, they have done an RMA and will soon receive a new 50E (they have a plan to upgrade to a 61F soon as well).
Anyway, I was wondering if there is an easy way to do a backup and just upload the configuration to the new firewall? Usually, what I do in these kind of situations, I just do a backup of the old one, take that backup file and then upload to the script option in the new firewall.
But is there a better way to do this, a more simpler, efficient and secure way to do this task? One of the risks I'm thinking of (and please correct me if I'm wrong) is a syntax change between different models, especially when I need to replace the old 50E to the new 61F in the future. Not sure if there is a syntax change between models, more likely it would be between versions I would say, but not sure. It would suck to upload a config via the script options and then get many errors etc.
So
When replacing firewalls, is there a efficient, simpler and more secure way to do a backup and then upload it to the new firewall?
When for example doing a backup of an old fortigate, for example, let say when I will be replacing a 50E to a 61F later on, and let say that the the 50E is on version 6.4.11: before uploading the backup config of the 50E to 61F, I make the 61F to be on version 6.4.11, then uploading the backup config of 50E to 61F and then upgrading the 61F to for example 7.0.9 etc. Is that a good way to go?
Appreciate all help!
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello,
Uploading configuration from one hardware platform to another hardware platform is not supported. You may consider to use FortiConvertor to convert FortiGate 50E configuration to FortiGate 61F or configure new FortiGate 61F from scratch. Please find more details about FortiConvertor by following the link below:
https://www.fortinet.com/products/next-generation-firewall/forticonverter
Hi,
there is no easier way beyond the mentioned Forticonverter to migrate configs between different hardware models. Fortivonverter can be used in 2 ways:
So the way you did it - export the config file from 50E, fix manually the differences - interface names, rules, and import manually to the new one is the way. The 50E is hardly to have complex enough configs to be an issue for that.
I once had to manually transfer config in emergency mode from failed 1500D, as a VDOM to another 1500D, and it was a lot of configs to fix. Nevertheless, using just Notepad++, 1,5 hour later the new FGT1500D was up and running, so where there is a will there is a way :).
Hello,
Manually modifying configuration in the notepad is strongly not recommended, since there is no input validation, which may lead to typos and unexpected behavior.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.