Fortinet black logo

Creating fabric connector objects for Microsoft Azure

Copy Link
Copy Doc ID a00b3cd0-88e9-11eb-9995-00505692583a:221286
Download PDF

Creating fabric connector objects for Microsoft Azure

With FortiManager, you can create a fabric connector for Microsoft Azure. You cannot import address names from Microsoft Azure to the fabric connector. Instead you must manually create dynamic firewall objects that you can use in policies. When you install the policies to one or more FortiGate units, FortiGate uses the information to communicate with Microsoft Azure and dynamically populate the objects with IP addresses. Fortinet SDN Connector is not required for this configuration.

When you create a fabric connector for Microsoft Azure, you are specifying how FortiGate can communicate directly with Microsoft Azure.

If ADOMs are enabled, you can create one fabric connector per ADOM.

Requirements:

  • FortiManager version 6.0 ADOM or later
  • FortiGate is managed by FortiManager.
  • The managed FortiGate unit is configured to work with Microsoft Azure.
To create a fabric connector object for Microsoft Azure:
  1. Go to Fabric View > Fabric Connectors.
  2. Click Create New. The Create New Fabric Connector wizard is displayed.
  3. Under SDN, select Azure, and click Next.
  4. Configure the following options, and then click OK:

    Name

    Type a name for the fabric connector object.

    Type

    Displays Microsoft Azure.

    Azure tenant ID

    Type the tenant ID from Azure.

    Azure client ID

    Type the client ID from Azure.

    Azure client secret

    Type the client secret from Azure.

    Azure subscription ID

    Type the subscription ID for Azure.

    Azure resource group

    Type the resource group for Azure.

    Update Interval (s)

    Specify how often in seconds that the dynamic firewall objects should be updated.

    Status

    Toggle On to enable the fabric connector object. Toggle OFF to disable the fabric connector object.

    Advanced Options

    Expand to specify advanced options for Azure.

    azure-region

    Select an Azure region.

Creating fabric connector objects for Microsoft Azure

With FortiManager, you can create a fabric connector for Microsoft Azure. You cannot import address names from Microsoft Azure to the fabric connector. Instead you must manually create dynamic firewall objects that you can use in policies. When you install the policies to one or more FortiGate units, FortiGate uses the information to communicate with Microsoft Azure and dynamically populate the objects with IP addresses. Fortinet SDN Connector is not required for this configuration.

When you create a fabric connector for Microsoft Azure, you are specifying how FortiGate can communicate directly with Microsoft Azure.

If ADOMs are enabled, you can create one fabric connector per ADOM.

Requirements:

  • FortiManager version 6.0 ADOM or later
  • FortiGate is managed by FortiManager.
  • The managed FortiGate unit is configured to work with Microsoft Azure.
To create a fabric connector object for Microsoft Azure:
  1. Go to Fabric View > Fabric Connectors.
  2. Click Create New. The Create New Fabric Connector wizard is displayed.
  3. Under SDN, select Azure, and click Next.
  4. Configure the following options, and then click OK:

    Name

    Type a name for the fabric connector object.

    Type

    Displays Microsoft Azure.

    Azure tenant ID

    Type the tenant ID from Azure.

    Azure client ID

    Type the client ID from Azure.

    Azure client secret

    Type the client secret from Azure.

    Azure subscription ID

    Type the subscription ID for Azure.

    Azure resource group

    Type the resource group for Azure.

    Update Interval (s)

    Specify how often in seconds that the dynamic firewall objects should be updated.

    Status

    Toggle On to enable the fabric connector object. Toggle OFF to disable the fabric connector object.

    Advanced Options

    Expand to specify advanced options for Azure.

    azure-region

    Select an Azure region.