Fortinet black logo

Upgrade Instructions and Considerations

Home FortiNAC 9.1.0 Upgrade Instructions and Considerations

High Availability Environments

9.1.0
9.4.0
9.2.0
9.1.0
8.8.0
8.7.0
8.6.0
8.5.0
8.3.0
Copy Link
Copy Doc ID 152e0729-7782-11eb-9995-00505692583a:87489
Download PDF

High Availability Environments

The upgrade is performed on the Primary Server and automatically updates the Secondary Server(s).

If the Secondary Server(s) is in control, FortiNAC prevents you from updating and displays a message with detailed instructions indicating that the Primary must be running and in control.

Before upgrade

Verify all the appliances in the HA system are in the proper status:

  • The Primary Server is running and in control.
  • The Secondary Server(s) are running and not in control. This can be verified by viewing the Summary pane in the Dashboard of the Administration UI.
Upgrade System

Update the Primary server following the instructions for a regular system update. See Upgrade Using the Administration UI.

After Upgrade
  1. Exit and re-launch browser
  2. (Appliances using Perpetual Licenses) Validate Secondary Server has the same entitlements as the Primary.
    1. Navigate to System > Settings > System Management > License Management.
    2. Select the Secondary Server from the drop-down menu. The License Key Detail should contain the expected license information on both appliances.

If entitlements on both servers match, proceed to step 3.

If Secondary does not display entitlements, copy the entitlements to the Secondary.

UI Method

Important: This method restarts both the Primary and Secondary servers.

  1. In the Administration UI, navigate to System > Settings > System Management > High Availability
  2. The current High Availability configuration should be displayed. Click Save Settings to re-apply.
  3. Once High Availability configuration is completed (will take several minutes), navigate to System > Settings > System Management > License Management
  4. Select the Secondary Server from the drop-down menu. The License Key Detail should contain the expected license information on both appliances.
  5. Proceed to step 3.
CLI Method

This method does not restart servers.

  1. Login as root to the Secondary Server CLI
  2. Copy entitlements from the Primary Server.

    Type 

    scp cm1:/bsc/campusMgr/.licenseKey /bsc/campusMgr/.licenseKeyPrimary
  3. Verify entitlements now reflect the new license.

    Type 

    licensetool -key FILE -file /bsc/campusMgr/.licenseKeyPrimary

    Note: Serial, MAC and UUID will reflect the Primary Server. This is normal.

  4. Proceed to step 3.

  1. Run the Auto Definition Update Synchronization scheduled task to get the most recent definitions for Anti-Virus, Anti-Spyware and the valid vendor codes.
    1. Navigate to System > Scheduler
    2. Click Auto-Definition Synchronizer
    3. Click Run Now
Previous
Next

High Availability Environments

The upgrade is performed on the Primary Server and automatically updates the Secondary Server(s).

If the Secondary Server(s) is in control, FortiNAC prevents you from updating and displays a message with detailed instructions indicating that the Primary must be running and in control.

Before upgrade

Verify all the appliances in the HA system are in the proper status:

  • The Primary Server is running and in control.
  • The Secondary Server(s) are running and not in control. This can be verified by viewing the Summary pane in the Dashboard of the Administration UI.
Upgrade System

Update the Primary server following the instructions for a regular system update. See Upgrade Using the Administration UI.

After Upgrade
  1. Exit and re-launch browser
  2. (Appliances using Perpetual Licenses) Validate Secondary Server has the same entitlements as the Primary.
    1. Navigate to System > Settings > System Management > License Management.
    2. Select the Secondary Server from the drop-down menu. The License Key Detail should contain the expected license information on both appliances.

If entitlements on both servers match, proceed to step 3.

If Secondary does not display entitlements, copy the entitlements to the Secondary.

UI Method

Important: This method restarts both the Primary and Secondary servers.

  1. In the Administration UI, navigate to System > Settings > System Management > High Availability
  2. The current High Availability configuration should be displayed. Click Save Settings to re-apply.
  3. Once High Availability configuration is completed (will take several minutes), navigate to System > Settings > System Management > License Management
  4. Select the Secondary Server from the drop-down menu. The License Key Detail should contain the expected license information on both appliances.
  5. Proceed to step 3.
CLI Method

This method does not restart servers.

  1. Login as root to the Secondary Server CLI
  2. Copy entitlements from the Primary Server.

    Type 

    scp cm1:/bsc/campusMgr/.licenseKey /bsc/campusMgr/.licenseKeyPrimary
  3. Verify entitlements now reflect the new license.

    Type 

    licensetool -key FILE -file /bsc/campusMgr/.licenseKeyPrimary

    Note: Serial, MAC and UUID will reflect the Primary Server. This is normal.

  4. Proceed to step 3.

  1. Run the Auto Definition Update Synchronization scheduled task to get the most recent definitions for Anti-Virus, Anti-Spyware and the valid vendor codes.
    1. Navigate to System > Scheduler
    2. Click Auto-Definition Synchronizer
    3. Click Run Now
Previous
Next