Fortinet black logo

Cookbook

Nuage SDN connector

Copy Link
Copy Doc ID 9bd2f947-ece6-11ec-bb32-fa163e15d75b:797266
Download PDF

Nuage SDN connector

Nuage SDN connectors can be used in dynamic firewall addresses.

The Fortinet SDN Connector for Cisco ACI and Nuage Networks is a standalone connector that connects to SDN controllers within Cisco ACI and Nuage Networks. You must configure a connection to the Fortinet SDN connector in FortiOS to query the dynamic addresses.

To configure a Nuage connector in the GUI:
  1. Create the Nuage SDN connector:
    1. Go to Security Fabric > Fabric Connectors and click Create New.
    2. In the Private SDN section, click Nuage Virtualized Services Platform.
    3. Configure the settings as needed.
    4. Click OK.

  2. Create the dynamic firewall address for the connector:
    1. Go to Policy & Objects > Addresses and click Create New > Address.
    2. Configure the following settings:
      1. For Type, select Dynamic.
      2. For Sub Type, select Fabric Connector Address.
      3. For SDN Connector, select the first the first Nuage connector.
      4. Configure the remaining settings as needed.
    3. Click OK.

To verify the SDN connector resolves the dynamic firewall IP addresses in the GUI:
  1. Go to Policy & Objects > Addresses.
  2. In the address table, hover over an address to view which IP addresses it resolves to.
To configure a Nuage connector in the CLI:
  1. Create the SDN connector:
    config system sdn-connector
        edit "nuage1"
            set type nuage
            set server "172.18.64.27"
            set server-port 5671
            set username "admin"
            set password xxxxxxx
        next
    end
  2. Create the dynamic firewall address for the connector:
    config firewall address
        edit "nuage-address1"
            set type dynamic
            set sdn "nuage1"
            set color 19
            set organization "nuage/L3"
            set subnet-name "Subnet20"
        next
    end
To verify the SDN connector resolves the dynamic firewall IP addresses in the CLI:
# diagnose firewall dynamic list

List all dynamic addresses:
nuage1.nuage.nuage/L3.Subnet20.*: ID(196)
        ADDR(192.168.20.92)
        ADDR(192.168.20.240)

Nuage SDN connector

Nuage SDN connectors can be used in dynamic firewall addresses.

The Fortinet SDN Connector for Cisco ACI and Nuage Networks is a standalone connector that connects to SDN controllers within Cisco ACI and Nuage Networks. You must configure a connection to the Fortinet SDN connector in FortiOS to query the dynamic addresses.

To configure a Nuage connector in the GUI:
  1. Create the Nuage SDN connector:
    1. Go to Security Fabric > Fabric Connectors and click Create New.
    2. In the Private SDN section, click Nuage Virtualized Services Platform.
    3. Configure the settings as needed.
    4. Click OK.

  2. Create the dynamic firewall address for the connector:
    1. Go to Policy & Objects > Addresses and click Create New > Address.
    2. Configure the following settings:
      1. For Type, select Dynamic.
      2. For Sub Type, select Fabric Connector Address.
      3. For SDN Connector, select the first the first Nuage connector.
      4. Configure the remaining settings as needed.
    3. Click OK.

To verify the SDN connector resolves the dynamic firewall IP addresses in the GUI:
  1. Go to Policy & Objects > Addresses.
  2. In the address table, hover over an address to view which IP addresses it resolves to.
To configure a Nuage connector in the CLI:
  1. Create the SDN connector:
    config system sdn-connector
        edit "nuage1"
            set type nuage
            set server "172.18.64.27"
            set server-port 5671
            set username "admin"
            set password xxxxxxx
        next
    end
  2. Create the dynamic firewall address for the connector:
    config firewall address
        edit "nuage-address1"
            set type dynamic
            set sdn "nuage1"
            set color 19
            set organization "nuage/L3"
            set subnet-name "Subnet20"
        next
    end
To verify the SDN connector resolves the dynamic firewall IP addresses in the CLI:
# diagnose firewall dynamic list

List all dynamic addresses:
nuage1.nuage.nuage/L3.Subnet20.*: ID(196)
        ADDR(192.168.20.92)
        ADDR(192.168.20.240)