Wildcard
In some cases, you may not know the ID (i.e., serial number) of a FortiExtender, but still intend to pre-create an extender entry in the FortiGate for easy deployment. You can use the wildcard * (asterisk) in the "id"
attribute when manually creating an extender entry.
The rule for using wildcard is to have a 6-digit model name followed by 10 * (asterisks).
Below are the 6-digit model names of FortiExtender devices:
-
FX201E
-
FX211E
-
FX200F
-
FXA11F
-
FXE11F
-
FXA21F
-
FXE21F
-
FXA22F
-
FXE22F
-
FX212F
-
FX311F
-
FX312F
-
FX511F
-
FVG21F
-
FVA21F
-
FVG22F
-
FVA22F
-
FX04DA
Take FX200F for example. You can configure as follows:
config extender-controller extender
edit <entry> << any entry name you like (less than 15 characters)
set id FX200F**********
set extension lan-extension
set profile "FX200F-lanext-default"
next
end
You can also pre-authorize the entry as well, as shown below:
config extender-controller extender
edit <entry>
set authorized enable
set id FX200F**********
set extension lan-extension
set profile "FX200F-lanext-default"
next
end
Whenever a new FX200F joins (assuming its serial number is FX200F5919000001), the FortiGate will select the extender entry and replace the "id"
with its serial number. If there are more than two wildcard entries with the same model, it will choose the one that has "set authorized"
enabled because of its higher priority.
config extender-controller extender
edit entry1
set id FX201E**********
set extension lan-extension
set profile "FX201E-lanext-default"
next
edit entry2
set authorized enable
set id FX200F5919000001
set extension lan-extension
set profile "FX201E-lanext-default"
next
end