Fortinet black logo

Examples

Home FortiManager 6.4.0 Examples

Configuring tunnel interfaces and dynamic mapping

6.4.0
7.4.0
7.2.0
7.0.0
6.4.0
Copy Link
Copy Doc ID 5ecc39ba-34cd-11eb-96b9-00505692583a:990934
Download PDF

Configuring tunnel interfaces and dynamic mapping

After the policy packages are installed on the FortiGates, ensure the tunnel interfaces for Port 2 and Port 3 are configured correctly.

Tooltip

After completing this task, you can fix the settings that were modified when Installing policy packagesSee Fixing the settings in the policy package.
To configure the tunnel interface address in the GUI:
  1. Go to Device Manager > Device & Groups.
  2. In the tree menu, select the device you want to configure.
  3. Hover over the System tab and select Interface.
  4. Select the tunnel interface, and click Edit.
  5. Enter the tunnel address in the IP/Netmask and Remote/IP fields.

To configure the branch devices in the CLI:

FGT1: config system interface

edit "OL_MPLS_0"

set vdom "root"

set ip 10.254.41.2 255.255.255.255

set allowaccess ping

set type tunnel

set remote-ip 10.254.41.1 255.255.255.0

set estimated-upstream-bandwidth 1500

set estimated-downstream-bandwidth 500

set snmp-index 113

set interface "port3"

next

edit "OL_INET_0"

set vdom "root"

set ip 10.254.40.2 255.255.255.255

set allowaccess ping

set type tunnel

set remote-ip 10.254.40.1 255.255.255.0

set estimated-upstream-bandwidth 100

set estimated-downstream-bandwidth 50

set snmp-index 114

set interface "port2"

next

end

FGT2: config system interface

edit "OL_MPLS_0"

set vdom "root"

set ip 10.254.41.3 255.255.255.255

set allowaccess ping

set type tunnel

set remote-ip 10.254.41.1 255.255.255.0

set estimated-upstream-bandwidth 1500

set estimated-downstream-bandwidth 500

set snmp-index 113

set interface "port3"

next

edit "OL_INET_0"

set vdom "root"

set ip 10.254.40.3 255.255.255.255

set allowaccess ping

set type tunnel

set remote-ip 10.254.40.1 255.255.255.0

set estimated-upstream-bandwidth 100

set estimated-downstream-bandwidth 50

set snmp-index 114

set interface "port2"

next

end

To configure the hub device in the CLI:

FGTDC: config system interface

edit "OL_MPLS_0"

set vdom "root"

set ip 10.254.41.1 255.255.255.255

set allowaccess ping

set type tunnel

set remote-ip 10.254.41.254 255.255.255.0

set snmp-index 114

set interface "port3"

next

edit "OL_INET_0"

set vdom "root"

set ip 10.254.40.1 255.255.255.255

set allowaccess ping

set type tunnel

set remote-ip 10.254.40.254 255.255.255.0

set snmp-index 115

set interface "port2"

next

end

Previous
Next

Configuring tunnel interfaces and dynamic mapping

After the policy packages are installed on the FortiGates, ensure the tunnel interfaces for Port 2 and Port 3 are configured correctly.

Tooltip

After completing this task, you can fix the settings that were modified when Installing policy packagesSee Fixing the settings in the policy package.
To configure the tunnel interface address in the GUI:
  1. Go to Device Manager > Device & Groups.
  2. In the tree menu, select the device you want to configure.
  3. Hover over the System tab and select Interface.
  4. Select the tunnel interface, and click Edit.
  5. Enter the tunnel address in the IP/Netmask and Remote/IP fields.

To configure the branch devices in the CLI:

FGT1: config system interface

edit "OL_MPLS_0"

set vdom "root"

set ip 10.254.41.2 255.255.255.255

set allowaccess ping

set type tunnel

set remote-ip 10.254.41.1 255.255.255.0

set estimated-upstream-bandwidth 1500

set estimated-downstream-bandwidth 500

set snmp-index 113

set interface "port3"

next

edit "OL_INET_0"

set vdom "root"

set ip 10.254.40.2 255.255.255.255

set allowaccess ping

set type tunnel

set remote-ip 10.254.40.1 255.255.255.0

set estimated-upstream-bandwidth 100

set estimated-downstream-bandwidth 50

set snmp-index 114

set interface "port2"

next

end

FGT2: config system interface

edit "OL_MPLS_0"

set vdom "root"

set ip 10.254.41.3 255.255.255.255

set allowaccess ping

set type tunnel

set remote-ip 10.254.41.1 255.255.255.0

set estimated-upstream-bandwidth 1500

set estimated-downstream-bandwidth 500

set snmp-index 113

set interface "port3"

next

edit "OL_INET_0"

set vdom "root"

set ip 10.254.40.3 255.255.255.255

set allowaccess ping

set type tunnel

set remote-ip 10.254.40.1 255.255.255.0

set estimated-upstream-bandwidth 100

set estimated-downstream-bandwidth 50

set snmp-index 114

set interface "port2"

next

end

To configure the hub device in the CLI:

FGTDC: config system interface

edit "OL_MPLS_0"

set vdom "root"

set ip 10.254.41.1 255.255.255.255

set allowaccess ping

set type tunnel

set remote-ip 10.254.41.254 255.255.255.0

set snmp-index 114

set interface "port3"

next

edit "OL_INET_0"

set vdom "root"

set ip 10.254.40.1 255.255.255.255

set allowaccess ping

set type tunnel

set remote-ip 10.254.40.254 255.255.255.0

set snmp-index 115

set interface "port2"

next

end

Previous
Next