Fortinet black logo

Admin Guide (FGT-Managed)

Home FortiExtender 7.0.2 Admin Guide (FGT-Managed)

Discover a FortiExtender unit

7.0.2
7.4.1
7.4.0
7.2.5
7.2.0
7.0.3
7.0.2
7.0.1
Copy Link
Copy Doc ID f8fff28d-2d31-11ec-9c99-00505692583a:53094
Download PDF

Discover a FortiExtender unit

For a FortiGate acting as the access controller (AC) to discover a FortiExtender unit, the FortiExtender must be able to reach the FortiGate. There are two ways in which a FortiExtender with the factory default configuration can be discovered by a FortiGate:

  • Broadcast

  • Static IP

Broadcast

FortiExtender can be discovered when sending broadcast traffic in its local subnet. In this case, the FortiGate and the FortiExtender must be in the same subnet. The interfaces specified in "discovery-intf" configured on the FortiExtender should include the interface that can reach out to FortiGate, as shown in the example below:

config system management fortigate

set ac-discovery-type broadcast

set discovery-intf lan port4

end

Static

The FortiExtender sends discover requests to a preconfigured IP address on the FortiGate. You can specify multiple FortiGates in IPv4-address or FQDN format. The FortiExtender will choose one that it can reach and connect. You can specify up to 16 FortiGate entries in the configuration. See the following example:

config system management fortigate

set ac-discovery-type static

config static-ac-addr

edit 1

set server 192.168.1.99

next

edit 2

set server fortinent.com

next

end

set discovery-intf lan port4

end

For FortiGate, you must ensure that the interface used for discovery should have allowaccess with "fabric", as shown in the example below:

config system interface

edit "lan"

set vdom "root"

set ip 192.168.1.99 255.255.255.0

set allowaccess ping https ssh fgfm fabric << fabric should be one option in allowaccess

set type hard-switch

set stp enable

set role lan

set snmp-index 21

next

end

Previous
Next

Discover a FortiExtender unit

For a FortiGate acting as the access controller (AC) to discover a FortiExtender unit, the FortiExtender must be able to reach the FortiGate. There are two ways in which a FortiExtender with the factory default configuration can be discovered by a FortiGate:

  • Broadcast

  • Static IP

Broadcast

FortiExtender can be discovered when sending broadcast traffic in its local subnet. In this case, the FortiGate and the FortiExtender must be in the same subnet. The interfaces specified in "discovery-intf" configured on the FortiExtender should include the interface that can reach out to FortiGate, as shown in the example below:

config system management fortigate

set ac-discovery-type broadcast

set discovery-intf lan port4

end

Static

The FortiExtender sends discover requests to a preconfigured IP address on the FortiGate. You can specify multiple FortiGates in IPv4-address or FQDN format. The FortiExtender will choose one that it can reach and connect. You can specify up to 16 FortiGate entries in the configuration. See the following example:

config system management fortigate

set ac-discovery-type static

config static-ac-addr

edit 1

set server 192.168.1.99

next

edit 2

set server fortinent.com

next

end

set discovery-intf lan port4

end

For FortiGate, you must ensure that the interface used for discovery should have allowaccess with "fabric", as shown in the example below:

config system interface

edit "lan"

set vdom "root"

set ip 192.168.1.99 255.255.255.0

set allowaccess ping https ssh fgfm fabric << fabric should be one option in allowaccess

set type hard-switch

set stp enable

set role lan

set snmp-index 21

next

end

Previous
Next