The default FortiExtender profile
In some circumstances, a default profile (or 2 default profiles) will be automatically generated.
The profile or profiles are generated based on the FortiExtender model. For FortiExtender models without LTE/5G modems, such as FortiExtender 200F, FortiGate will generate a LAN extension profile as follows:
config extension-controller extender-profile
edit "FX200F-lanext-default"
set id 0
set model FX200F
set extension lan-extension
config lan-extension
set link-loadbalance loadbalance
set ipsec-tunnel "fext-ipsec-WrXw"
set backhaul-interface "port2"
config backhaul
edit "1"
set port port1
next
edit "2"
set port port2
next
end
end
next
end
In this default FortiExtender 200F profile, there are two default backhaul ports: port1 and port2. It indicates that the FortiExtender 200F will use its port1 and port2 for the uplinks connected to the FortiGate. The underlying data transportation will be VLAN over IPsec, which is transparent to users.
These two ports will be linked as an aggregated interface in the FortiExtender and you can specify load-balance mode on it. More detailed LAN extension configuration is covered in LAN extension configuration in a profile.
For FortiExtender models with LTE/5G modems, two default profiles will be generated: one for WAN extension and the other for LAN extension.
For WAN extension, the default profile with default values for FortiExtender 201E is as follows:
|
The following example is for illustration only. |
config extension-controller extender-profile
edit "FX201E-wanext-default"
set id 2
config cellular
config sms-notification
end
config modem1
end
end
next
end# get FX201E-wanext-default (default value will be shown below)
name : FX201E-wanext-default
id : 2
model : FX201E
extension : wan-extension
allowaccess :
login-password-change: no
cellular:
dataplan :
controller-report:
status : disable
sms-notification:
status : disable
modem1:
redundant-mode : disable
conn-status : 0
default-sim : sim1
gps : enable
sim1-pin : disable
sim2-pin : disable
auto-switch:
disconnect : disable
signal : disable
dataplan : disable
switch-back :
switch-back-time : 00:01
switch-back-timer : 86400
For the LAN extension, the default profile for the FortiExtender 201E generated on the FortiGate would look as follows. For details of LAN extension configuration, go to LAN extension configuration in a profile.
config extension-controller extender-profile
edit "FX201E-lanext-default"
set id 3
set extension lan-extension
config cellular
config sms-notification
end
config modem1
end
end
config lan-extension
set ipsec-tunnel "fext-ipsec-ut4Z"
set backhaul-interface "lan"
config backhaul
edit "1"
set port wan
set role primary
next
edit "2"
set port lte1
set role secondary
next
end
end
next
end
# get FX201E-wanext-default (default value will be shown below)
name : FX201E-lanext-default
id : 3
model : FX201E
extension : lan-extension
allowaccess :
login-password-change: no
enforce-bandwidth : disable
cellular:
dataplan :
controller-report:
status : disable
sms-notification:
status : disable
modem1:
redundant-mode : disable
conn-status : 0
default-sim : sim1
gps : enable
sim1-pin : disable
sim2-pin : disable
auto-switch:
disconnect : disable
signal : disable
dataplan : disable
switch-back :
switch-back-time : 00:01
switch-back-timer : 86400
lan-extension:
link-loadbalance : activebackup
ipsec-tunnel : fext-ipsec-ut4Z
backhaul-interface : lan
backhaul-ip :
backhaul:
== [ 1 ]
name: 1
== [ 2 ]
name: 2
|
After upgrading to 7.0.2 or later from 3.2, the default behavior is config extension-controller extender-profile
edit "FX211E-wanext-default"
set allowaccess ping https
set login-password-change no
end
|