LAN extension configuration in a profile
The following example shows the lan extension configuration in an LAN extension profile.
FortiGate (extender-profile) # get FX200F-lanext-default name : FX200F-lanext-default id : 4 model : FX200F extension : lan-extension allowaccess : login-password-change: no enforce-bandwidth : enable bandwidth-limit : 200 lan-extension: link-loadbalance : loadbalance ipsec-tunnel : fext-ipsec-rthk backhaul-interface : lan backhaul-ip : backhaul: == [ 1 ] name: 1 == [ 2 ] name: 2
Parameter | Description |
---|---|
name
|
The profile entry name |
id
|
The profile ID (for system internal record) |
model
|
The FortiExtender model for this profile |
extension [lan-extension | wan-extension]
|
The extension type for this profile |
alloweaccess [telent|http|https|snmp|ping|ssh] |
The multi-option setting for the lan-extension switch interface of the FortiExtender. For more details, refer to "Allowaccess for LAN extension". |
login-password-change [yes|no|default]
|
The setting of admin password of FortiExtenders. For more details, ones can refer to the section of "Admin login password" |
enforce-bandwidth [enable|disable]
|
Enable or disable enforcement of bandwidth limit. Note: |
bandwidth-limit
|
Specify the bandwidth limit. |
|
Two ports are configured for FortiExtender for load-balancing. For |
|
This is the IPsec tunnel interface that will be used in underlying data transportation. It provide secure connection between a FortiExtender and a FortiGate. This entry will be auto-generated and the setting here is for information. |
|
This is the egress interface for data transportation between the FortiGate and the other FortiExtenders using this profile. The default will be automatically filled with the interface that is used to manage FortiExtender. You can configure it based on your network topology. |
|
This is used for FortiGate behind a NAT device (or DNAT, LoadBalancer, etc.). The backhaul-ip is the external IP of the NAT device. For more details, refer to "The backhaul IP for LAN extension". |
The following is an example of backhaul configuration.
FortiGate (backhaul) # edit 1 FortiGate (1) # get name : 1 port : port1 weight : 1
If link-loadbalance is configured as "activebackup", the following will be shown.
name : 1
port : port1
role : primary
Parameter | Description |
---|---|
name
|
The name of the backhaul entry. |
port
|
The port in FortiExtender that sends traffic to FortiGate in LAN extension. |
weight
|
Enter the weight if the link-loadbalance is configured as "loadbalance" |
|
Specify whether the port is primary or secondary. |