Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • SD-WAN Deployment for MSSPs

    Home FortiGate / FortiOS 7.4.0 SD-WAN Deployment for MSSPs
    7.4.0
    7.4.0
    7.2.0
    7.0.0
    6.4.0

    Variables

    Variables

    Let us discuss the topic of per-device variables in more detail.

    In our deployment workflow, three types of variables must be set:

    1. Variables used by the backend of the Jinja Orchestrator (by the "code"): region, profile, loopback, and hostname. These variables are mandatory for all devices.

    2. Variables used in the Project Template (that is, added by the user). In our example project, the mandatory variables in this category are: lan_ip and mpls_wan_ip.

    3. Variables used in other Provisioning Templates (also added by the user). In our example project, the only mandatory variable in this category is mpls_wan_gateway.

    While the first category is dictated by the Jinja Orchestrator, the variables in the other two categories are explicitly created by the user. They depend on how the project is modeled and templated. You are free to create as many variables as deemed necessary to make your templates more generic and hence more reusable.

    To examine the variables on FortiManager, go to Policy & Objects > Advanced.

    Note the following important properties of the variables:

    • Their scope is per ADOM. (Each ADOM can have its own list of variables.)

    • They support default values. (Hence, they do not have to be set for each device, when most devices must share the same value.)

    Returning to our example project, the following tables describe the used variables. Pay special attention to the example values. For example, the LAN interface IP must be given together with the subnet mask, while the loopback IP or the next-hop gateway IP must not.

    Variables used by the backend:

    Variable

    Description

    Example
    region One of the regions defined in the Project Template West

    profile

    One of the profiles defined in the Project Template

    		Silver

    loopback

    Loopback IP (for the overlay network)

    		10.200.1.1

    hostname

    Device hostname

    		 site1-1

    lan_ip

    IP/mask of the LAN-facing interface

    10.0.1.1/24

    mpls_wan_ip

    IP/mask for the MPLS underlay interface

    172.16.0.1/29

    Variables used in Provisioning Templates (in our example project only):

    Variable

    Description

    Example
    mpls_wan_gateway

    Next-hop gateway IP for the MPLS underlay

    		 172.16.0.2
    Previous
    Next

    Variables

    Variables

    Let us discuss the topic of per-device variables in more detail.

    In our deployment workflow, three types of variables must be set:

    1. Variables used by the backend of the Jinja Orchestrator (by the "code"): region, profile, loopback, and hostname. These variables are mandatory for all devices.

    2. Variables used in the Project Template (that is, added by the user). In our example project, the mandatory variables in this category are: lan_ip and mpls_wan_ip.

    3. Variables used in other Provisioning Templates (also added by the user). In our example project, the only mandatory variable in this category is mpls_wan_gateway.

    While the first category is dictated by the Jinja Orchestrator, the variables in the other two categories are explicitly created by the user. They depend on how the project is modeled and templated. You are free to create as many variables as deemed necessary to make your templates more generic and hence more reusable.

    To examine the variables on FortiManager, go to Policy & Objects > Advanced.

    Note the following important properties of the variables:

    • Their scope is per ADOM. (Each ADOM can have its own list of variables.)

    • They support default values. (Hence, they do not have to be set for each device, when most devices must share the same value.)

    Returning to our example project, the following tables describe the used variables. Pay special attention to the example values. For example, the LAN interface IP must be given together with the subnet mask, while the loopback IP or the next-hop gateway IP must not.

    Variables used by the backend:

    Variable

    Description

    Example
    region One of the regions defined in the Project Template West

    profile

    One of the profiles defined in the Project Template

    		Silver

    loopback

    Loopback IP (for the overlay network)

    		10.200.1.1

    hostname

    Device hostname

    		 site1-1

    lan_ip

    IP/mask of the LAN-facing interface

    10.0.1.1/24

    mpls_wan_ip

    IP/mask for the MPLS underlay interface

    172.16.0.1/29

    Variables used in Provisioning Templates (in our example project only):

    Variable

    Description

    Example
    mpls_wan_gateway

    Next-hop gateway IP for the MPLS underlay

    		 172.16.0.2
    Previous
    Next