Fortinet white logo
Fortinet white logo

Azure vWAN SD-WAN NGFW Deployment Guide

7.4.0

Normalized interfaces

Appendix B - Normalized interfaces

Note

The SD-WAN overlay wizard automatically generates normalized interfaces that this guide demonstrates.

Because the policy package uses interface objects instead of directly referring to the interface, we can link the interface objects with the actual interfaces on any/all devices. We do this by creating normalized interfaces with per-platform mappings.

To create normalized interfaces:
  1. In FortiManager, go to Policy & Objects > Object Configurations > Normalized Interface.
  2. In the content pane, click Create New.

    The Create New Normalized Interface pane opens.

  3. Set Name to HUB1.
  4. Under Per-Platform Mapping, click Create New. The Create New Per-Platform Mapping dialog box is displayed.
  5. Set the following options, and click OK:

    Matched Platform

    Select all.

    Mapped Interface Name

    Type HUB1.

    Tooltip

    The mapped interface is case sensitive. It must exactly match the interface on the target FortiGate.

    The per-platform mapping is created.

  6. Repeat this procedure to the following per-platform mappings:

    Normalized Interface

    Matching Type

    Mapped Interface/Zone

    HUB1

    Matched Platform: all

    HUB1

    HUB2

    Matched Platform: all

    HUB2

    VPN1

    Matched Platform: all

    VPN1

    WAN1

    Matched Platform: all

    WAN1

    HUB-Loopback

    Mapped Device: HUB1

    HUB1-Lo

    Mapped Device: HUB2

    HUB2-Lo

    LAN

    Matched Platform: all

    port3

    Mapped Device: Cloud-Gateway

    port2

    Branches

    Matched Platform: all

    Branches

All the per-platform mappings are created:

Tooltip

If you are using different ports for LAN between branches, you can leverage per-device mapping to override the matched platform: all.

Normalized interfaces

Appendix B - Normalized interfaces

Note

The SD-WAN overlay wizard automatically generates normalized interfaces that this guide demonstrates.

Because the policy package uses interface objects instead of directly referring to the interface, we can link the interface objects with the actual interfaces on any/all devices. We do this by creating normalized interfaces with per-platform mappings.

To create normalized interfaces:
  1. In FortiManager, go to Policy & Objects > Object Configurations > Normalized Interface.
  2. In the content pane, click Create New.

    The Create New Normalized Interface pane opens.

  3. Set Name to HUB1.
  4. Under Per-Platform Mapping, click Create New. The Create New Per-Platform Mapping dialog box is displayed.
  5. Set the following options, and click OK:

    Matched Platform

    Select all.

    Mapped Interface Name

    Type HUB1.

    Tooltip

    The mapped interface is case sensitive. It must exactly match the interface on the target FortiGate.

    The per-platform mapping is created.

  6. Repeat this procedure to the following per-platform mappings:

    Normalized Interface

    Matching Type

    Mapped Interface/Zone

    HUB1

    Matched Platform: all

    HUB1

    HUB2

    Matched Platform: all

    HUB2

    VPN1

    Matched Platform: all

    VPN1

    WAN1

    Matched Platform: all

    WAN1

    HUB-Loopback

    Mapped Device: HUB1

    HUB1-Lo

    Mapped Device: HUB2

    HUB2-Lo

    LAN

    Matched Platform: all

    port3

    Mapped Device: Cloud-Gateway

    port2

    Branches

    Matched Platform: all

    Branches

All the per-platform mappings are created:

Tooltip

If you are using different ports for LAN between branches, you can leverage per-device mapping to override the matched platform: all.