Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Azure vWAN SD-WAN NGFW Deployment Guide

    Home FortiGate Public Cloud 7.2.0 Azure vWAN SD-WAN NGFW Deployment Guide
    7.2.0
    7.6.0
    7.4.0
    7.2.0

    Scripts for hub FortiGates in Azure vWAN

    Scripts for hub FortiGates in Azure vWAN

    Following is an overview of how to create and install scripts to Hub1 and Hub2 FortiGates in Azure vWAN:

    1. Create a script for Hub1 FortiGate in Azure vWAN. See Creating a script for Hub1.
    2. Create a script for Hub2 FortiGate in Azure vWAN. See Creating a script for Hub2.
    3. Install the scripts to Hub1 and Hub2 FortiGates in Azure vWAN. See Installing scripts to hub FortiGates .

    Creating a script for Hub1

    To create a script for Hub1 FortiGate:

    1. In FortiManager, go to Device Manager > Scripts.

    2. Click Create New > Script to create a new script for Hub1 FortiGate.

    3. Set Script Name box to Hub1.

    4. In the Script details box, paste the following script. Be sure to set the correct remote-ip for the VXLAN tunnel:

      config system vxlan
edit "VXLAN-to-Hub2"
set interface "port1"
set vni 1500
set remote-ip "<port1 IP of Hub2>"
next
end
config system interface
edit "VXLAN-to-Hub2"
set vdom "root"
set ip 169.254.40.1/30
set allowaccess ping
set type vxlan
set interface "port1"
next
end
config router static
edit 0
set gateway 169.254.40.2
set distance 5
set priority 60000
set device "VXLAN-to-Hub2" set comment "Default summary for RPF via VXLAN"
next end

    5. Expand Advanced Device Filters, and select Hub1 from the dropdown.

      The name of Hub1 FortiGate should end in 0.

    6. Click OK to save the script.

    Creating a script for Hub2

    To create a script for Hub2:

    1. Click Create New > Script to create a script for Hub2 FortiGate.

    2. Set Script Name box to Hub2.

    3. In the Script details box, paste the following script. Be sure to set the correct remote-ip for the VXLAN tunnel:

      config system vxlan
edit "VXLAN-to-Hub1"
set interface "port1"
set vni 1500
set remote-ip "<port1 IP of Hub1>"
next
end
config system interface
edit "VXLAN-to-Hub1"
set vdom "root"
set ip 169.254.40.2/30
set allowaccess ping
set type vxlan
set interface "port1"
next
end
config router static
edit 0
set gateway 169.254.40.1
set distance 5
set priority 60000
set device "VXLAN-to-Hub1"
set comment "Default summary for RPF via VXLAN"
next end

    4. Expand Advanced Device Filters, and select Hub2 from the dropdown.

      The name of Hub2 FortiGate should end in 1.

    5. Click OK to save the script.

    Installing scripts to hub FortiGates

    To install scripts to hubs 1 and 2:
    1. In Device Manager > Devices & Groups, select your hub group.
    2. Right click on Hub1 FortiGate, and select Run Script. The Run Script on Device window is displayed.

      The name of Hub1 FortiGate should end in 0.

    3. Select your script named Hub1, and click Run Now.
    4. When finished, right click your Hub2 FortiGate, and select Run Script. The Run Script on Device window is displayed.

      The name of the Hub2 FortiGate should end in 1.

    5. Select your script named Hub2, and click Run Now.
    Previous
    Next

    Scripts for hub FortiGates in Azure vWAN

    Scripts for hub FortiGates in Azure vWAN

    Following is an overview of how to create and install scripts to Hub1 and Hub2 FortiGates in Azure vWAN:

    1. Create a script for Hub1 FortiGate in Azure vWAN. See Creating a script for Hub1.
    2. Create a script for Hub2 FortiGate in Azure vWAN. See Creating a script for Hub2.
    3. Install the scripts to Hub1 and Hub2 FortiGates in Azure vWAN. See Installing scripts to hub FortiGates .

    Creating a script for Hub1

    To create a script for Hub1 FortiGate:

    1. In FortiManager, go to Device Manager > Scripts.

    2. Click Create New > Script to create a new script for Hub1 FortiGate.

    3. Set Script Name box to Hub1.

    4. In the Script details box, paste the following script. Be sure to set the correct remote-ip for the VXLAN tunnel:

      config system vxlan
edit "VXLAN-to-Hub2"
set interface "port1"
set vni 1500
set remote-ip "<port1 IP of Hub2>"
next
end
config system interface
edit "VXLAN-to-Hub2"
set vdom "root"
set ip 169.254.40.1/30
set allowaccess ping
set type vxlan
set interface "port1"
next
end
config router static
edit 0
set gateway 169.254.40.2
set distance 5
set priority 60000
set device "VXLAN-to-Hub2" set comment "Default summary for RPF via VXLAN"
next end

    5. Expand Advanced Device Filters, and select Hub1 from the dropdown.

      The name of Hub1 FortiGate should end in 0.

    6. Click OK to save the script.

    Creating a script for Hub2

    To create a script for Hub2:

    1. Click Create New > Script to create a script for Hub2 FortiGate.

    2. Set Script Name box to Hub2.

    3. In the Script details box, paste the following script. Be sure to set the correct remote-ip for the VXLAN tunnel:

      config system vxlan
edit "VXLAN-to-Hub1"
set interface "port1"
set vni 1500
set remote-ip "<port1 IP of Hub1>"
next
end
config system interface
edit "VXLAN-to-Hub1"
set vdom "root"
set ip 169.254.40.2/30
set allowaccess ping
set type vxlan
set interface "port1"
next
end
config router static
edit 0
set gateway 169.254.40.1
set distance 5
set priority 60000
set device "VXLAN-to-Hub1"
set comment "Default summary for RPF via VXLAN"
next end

    4. Expand Advanced Device Filters, and select Hub2 from the dropdown.

      The name of Hub2 FortiGate should end in 1.

    5. Click OK to save the script.

    Installing scripts to hub FortiGates

    To install scripts to hubs 1 and 2:
    1. In Device Manager > Devices & Groups, select your hub group.
    2. Right click on Hub1 FortiGate, and select Run Script. The Run Script on Device window is displayed.

      The name of Hub1 FortiGate should end in 0.

    3. Select your script named Hub1, and click Run Now.
    4. When finished, right click your Hub2 FortiGate, and select Run Script. The Run Script on Device window is displayed.

      The name of the Hub2 FortiGate should end in 1.

    5. Select your script named Hub2, and click Run Now.
    Previous
    Next