OK newer news.
I started from scratch, from fresh NS8 VM, where I set the VPN related FQDN (or the leader node?) correctly from scratch, from the setup wizard.
This allowed migration in NS7 to query installed apps properly.
I don’t know if the migration will work but the issue of this thread is resolved.
So, I don’t know if the issue was that this FQDN was not set correctly from the beginning, or something else.
I do know that going to leader node and clicking to change FQDN FAILS the whole server. So this is definitely something to be looked at.