Fortinet white logo
Fortinet white logo

SD-WAN Deployment for MSSPs

Static Route Templates

Static Route Templates

Tooltip

API folder: Foundation / Static Route Templates

We recommend using a Static Route Template to configure the default route through SD-WAN on all devices.

Note

In SD-WAN routing logic, we discuss some alternatives to this approach.

To configure the Static Route Template interactively:
  1. Go to Device Manager > Provisioning Templates. Under the Static Route Templates tab, click Create New to create a new template:

  2. Inside it, create a new default route (0.0.0.0/0). Enable SD-WAN option and specify the two SD-WAN Zones underlay and overlay:

    Since we have configured the same SD-WAN Zones (“underlay” and “overlay”) on the Edges and on the Hubs, we will be able to use this template on all the devices.

  3. Save the template.

In addition to the default route, you can use Static Route Templates for any static routes that may be necessary in your environment.

In our example project, for instance, there is a need to specify a next-hop gateway for the MPLS underlay transport, since it does not have a DHCP server. On every site we will add a static route towards the entire MPLS underlay network through the right next-hop gateway.

Note, however, that the next-hop gateway is a site-specific data: it will be different on each site. When we were discussing the Jinja Orchestrator, we have already seen how to deal with site-specific data by specifying it using a per-device variable. In fact, this is how we are going to define the IP address of the MPLS underlay interface on each FortiGate device. (You will recall from Example project template that we rely on the mpls_wan_ip variable for that.)

We will be following a similar approach with the next-hop gateway because the Provisioning Templates support variables.

The following additional tasks need to be performed for our example project:

  1. Go to Policy & Objects > Advanced. Under the Metadata Variables tab, click Create New to add a new variable called mpls_wan_gateway:

  2. In Device Manager, navigate to Provisioning Templates > Static Route Templates, and edit the previously created template. Add another static route towards the entire MPLS underlay transport network. In the Gateway Address field, use the variable created at the previous step:

Static Route Templates

Static Route Templates

Tooltip

API folder: Foundation / Static Route Templates

We recommend using a Static Route Template to configure the default route through SD-WAN on all devices.

Note

In SD-WAN routing logic, we discuss some alternatives to this approach.

To configure the Static Route Template interactively:
  1. Go to Device Manager > Provisioning Templates. Under the Static Route Templates tab, click Create New to create a new template:

  2. Inside it, create a new default route (0.0.0.0/0). Enable SD-WAN option and specify the two SD-WAN Zones underlay and overlay:

    Since we have configured the same SD-WAN Zones (“underlay” and “overlay”) on the Edges and on the Hubs, we will be able to use this template on all the devices.

  3. Save the template.

In addition to the default route, you can use Static Route Templates for any static routes that may be necessary in your environment.

In our example project, for instance, there is a need to specify a next-hop gateway for the MPLS underlay transport, since it does not have a DHCP server. On every site we will add a static route towards the entire MPLS underlay network through the right next-hop gateway.

Note, however, that the next-hop gateway is a site-specific data: it will be different on each site. When we were discussing the Jinja Orchestrator, we have already seen how to deal with site-specific data by specifying it using a per-device variable. In fact, this is how we are going to define the IP address of the MPLS underlay interface on each FortiGate device. (You will recall from Example project template that we rely on the mpls_wan_ip variable for that.)

We will be following a similar approach with the next-hop gateway because the Provisioning Templates support variables.

The following additional tasks need to be performed for our example project:

  1. Go to Policy & Objects > Advanced. Under the Metadata Variables tab, click Create New to add a new variable called mpls_wan_gateway:

  2. In Device Manager, navigate to Provisioning Templates > Static Route Templates, and edit the previously created template. Add another static route towards the entire MPLS underlay transport network. In the Gateway Address field, use the variable created at the previous step: