FortiAP Firmware Best Practice questions.
We manage quite a few fortigate's, over time life cycles of the Firewall vs. AP's with some of our clients got staggered. So for example, we have some FortiGate 60E's running FortiAP321C's.....not ideal I know, just the situation that we're in.
What that above scenario seems to have created:
Fortigate 60E - Latest firmware supported is 6.2.0+
FortiAP 321C - Latest Firmware revision is 6.0.0 (Can't go to 6.2.0).
The general consensus among colleagues and myself is we try to follow is matching the FortiAP/Fortigate Firmware, no exceptions. However I can't seem to find any official Fortinet documentation suggesting they need to match. A lot of here-say, and in most cases people are not in this staggered situation we're in.
Is it a sin to exceed the capable maximum FortiAP firmware revision with the Fortigate leaving the AP stuck on an older release?
What is the best practice in this scenario? Do we:
A) Keep our 60E's one major firmware revision behind and stay in the 6.0.0 Series?
B) Let the Fortigate exceed the AP's maximum firmware level?
Lets assume buying new AP's is not an option here please.
Sorry if the (official Fortinet) answer is somewhere simple, I've been digging through guides, update paths, admin pdf's, searches - this info may be readily available some where.... the ever shifting documentation platforms of the Forti-products has me bamboozled.