Fortinet black logo

Online Help

6.2.0
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.2.2
6.2.1
6.2.0
6.0.3
6.0.2
6.0.1
6.0.0

Requirements

Requirements

FortiGate Device mode migration requires connection through a FortiGate device to perform the REST-API install. Users can import the converted configuration directly to the target device from the import wizard page.

The configuration that may block the connection to the device can be replaced or removed by FortiConverter and marked with warning label on the import wizard. You need to configure these settings after the configuration import.

Below are some settings you may want to check.

  • config system global
    • set admin-sport
    • set admin-port
    • set admin-server-cert
    • set admin-maintainer
  • config system admin
  • config system replacemsg *
  • The config of the connection interface between FortiConverter and device.

Below are some settings that FortiConverter doesn’t import.

  • All certificate related
  • All encrypted password would be overridden to "12345678"
  • config user fortitoken

FortiOS does not support using REST API to configure the setting from transparent mode to operation mode, It will prompt the FortiGate network environment to reset and be disconnected.

Instead, you need to configure the setting from operation mode to transparent mode manually after import.

However, in the multi-vdom scenario, the REST API request does not trigger the FortiGate to reset the network environment. You can skip this requirement.

There are known issues in the RESTAPI of the FortiGate side. It may cause the import configuration to be incomplete but still shows that the import was successful, especially the profile configurations.

For example:

  • config webfilter profile.
  • config voip profile
  • config firewall profile-protocol-options
One suggestion is to review them by CLI Comparison and manually upload to the device.

After the import, review, and manually adjust, the restorable configuration which can be established by "Backup config". It downloads the configuration from the device and can restore it to another device.

Previous
Next

Requirements

FortiGate Device mode migration requires connection through a FortiGate device to perform the REST-API install. Users can import the converted configuration directly to the target device from the import wizard page.

The configuration that may block the connection to the device can be replaced or removed by FortiConverter and marked with warning label on the import wizard. You need to configure these settings after the configuration import.

Below are some settings you may want to check.

  • config system global
    • set admin-sport
    • set admin-port
    • set admin-server-cert
    • set admin-maintainer
  • config system admin
  • config system replacemsg *
  • The config of the connection interface between FortiConverter and device.

Below are some settings that FortiConverter doesn’t import.

  • All certificate related
  • All encrypted password would be overridden to "12345678"
  • config user fortitoken

FortiOS does not support using REST API to configure the setting from transparent mode to operation mode, It will prompt the FortiGate network environment to reset and be disconnected.

Instead, you need to configure the setting from operation mode to transparent mode manually after import.

However, in the multi-vdom scenario, the REST API request does not trigger the FortiGate to reset the network environment. You can skip this requirement.

There are known issues in the RESTAPI of the FortiGate side. It may cause the import configuration to be incomplete but still shows that the import was successful, especially the profile configurations.

For example:

  • config webfilter profile.
  • config voip profile
  • config firewall profile-protocol-options
One suggestion is to review them by CLI Comparison and manually upload to the device.

After the import, review, and manually adjust, the restorable configuration which can be established by "Backup config". It downloads the configuration from the device and can restore it to another device.

Previous
Next