Appendix B - Normalized interfaces
The SD-WAN overlay wizard automatically generates normalized interfaces that this guide demonstrates. |
Because the policy package uses interface objects instead of directly referring to the interface, we can link the interface objects with the actual interfaces on any/all devices. We do this by creating normalized interfaces with per-platform mappings.
To create normalized interfaces:
- In FortiManager, go to Policy & Objects > Object Configurations > Normalized Interface.
- In the content pane, click Create New.
The Create New Normalized Interface pane opens.
- Set Name to HUB1.
- Under Per-Platform Mapping, click Create New. The Create New Per-Platform Mapping dialog box is displayed.
- Set the following options, and click OK:
Matched Platform
Select all.
Mapped Interface Name
Type HUB1.
The mapped interface is case sensitive. It must exactly match the interface on the target FortiGate.
The per-platform mapping is created.
- Repeat this procedure to the following per-platform mappings:
Normalized Interface
Matching Type
Mapped Interface/Zone
HUB1
Matched Platform: all
HUB1
HUB2
Matched Platform: all
HUB2
VPN1
Matched Platform: all
VPN1
WAN1
Matched Platform: all
WAN1
HUB-Loopback
Mapped Device: HUB1
HUB1-Lo Mapped Device: HUB2
HUB2-Lo LAN
Matched Platform: all
port3 Mapped Device: Cloud-Gateway
port2
Branches
Matched Platform: all
Branches
All the per-platform mappings are created:
If you are using different ports for LAN between branches, you can leverage per-device mapping to override the matched platform: all. |