Sunday, January 28, 2018

Fortianalyzer License issues

I worked on moving a previous licensed  Fortinet FAZ-VM and ran into a simple but weird issue.

The license is tied to the device management address. So if you re-address the unit, the license check will fail.

You will not be able to  configured anything if the license is not  valid btw.

So how I got around this, I tried at first to see if I could apply a secondary address by using the old address. This was not possible.

So next , I  attempted to define  a loopback-interface by using the old_address, & again not possible.

So I ended up  reapplying  the old_address on one of the other 3 unused ports. This and reboot, cause a  re-activation of the license and  unit was again operational.

So knowing this, I wonder how strong is  the license enforcement on a FAZ-VM image.

Ken Felix

NSE ( network security expert) and Route/Switching Engineer
kfelix  -----a----t---- socpuppets ---dot---com
     ^      ^
=(  @  @ )=
        /  \


  1. Or you just change the IP in the support portal and redownload the license file

  2. Thanks, I didn't know that you could do that. I just click the edit button and see the address assigned can be edit.