Creating fabric connector objects for Microsoft Azure
With FortiManager, you can create a fabric connector for Microsoft Azure. You cannot import address names from Microsoft Azure to the fabric connector. Instead you must manually create dynamic firewall objects that you can use in policies. When you install the policies to one or more FortiGate units, FortiGate uses the information to communicate with Microsoft Azure and dynamically populate the objects with IP addresses. Fortinet SDN Connector is not required for this configuration.
When you create a fabric connector for Microsoft Azure, you are specifying how FortiGate can communicate directly with Microsoft Azure.
If ADOMs are enabled, you can create one fabric connector per ADOM.
Requirements:
- FortiManager version 6.0 ADOM or later
- FortiGate is managed by FortiManager.
- The managed FortiGate unit is configured to work with Microsoft Azure.
To create a fabric connector object for Microsoft Azure:
- Go to Fabric View > Fabric Connectors.
- Click Create New. The Create New Fabric Connector wizard is displayed.
- Under SDN, select Azure, and click Next.
- Configure the following options, and then click OK:
Name
Type a name for the fabric connector object.
Type
Displays Microsoft Azure.
Azure tenant ID
Type the tenant ID from Azure.
Azure client ID
Type the client ID from Azure.
Azure client secret
Type the client secret from Azure.
Azure subscription ID
Type the subscription ID for Azure.
Azure resource group
Type the resource group for Azure.
Update Interval (s)
Specify how often in seconds that the dynamic firewall objects should be updated.
Status
Toggle On to enable the fabric connector object. Toggle OFF to disable the fabric connector object.
Advanced Options
Expand to specify advanced options for Azure.
azure-region
Select an Azure region.