Fortinet Document Library

Version:

Version:

Version:


Table of Contents

New Features

Download PDF
Copy Link

Interface normalization policy 6.4.1

When an ADOM is created, a number of per-platform interfaces are defined for all FortiGate models by default. This allows all FortiGate models to have a number of normalized interfaces already mapped, so that policies can be installed without custom mapping. The interface names could be matched to different real interfaces on different FortiGate models. All mappings are explicitly shown in the mapping table. If there is no match, mapping will not exist.
Normalized Interface

A normalized interface can be edited or deleted. To edit or delete a normalized interface:

  1. Right-click on a normalized interface entry in the Normalized Interface table.
  2. Select Edit or Delete to edit or delete the normalized interface respectively.
    Edit or Delete normalized interface

The Per-Platform Mapping in a normalized interface can be edited or deleted. To edit or delete the Per-Platform Mapping in a normalized interface:

  1. Right-click on a normalized interface entry in the Normalized Interface table.
  2. Select Edit. The Edit Normalized Interface page appears.
  3. In the Per-Platform Mapping table, right-click on a table entry.
  4. Select Edit or Delete to edit or delete the Per-Platform Mapping respectively.
    Edit or Delete Per-Platform Mapping

A normalized interface may use Per-Platform mapping and/or Per-Device mapping. In a policy, a per-device mapping has a higher priority than a per-platform mapping.

When creating a new normalized interface, to use a physical interface name in the per-platform mapping, the default per-platform mapping should be deleted from the default per-platform interface first. Otherwise the system will throw an error and the interface cannot be created.
Default Interface Mapping Error

When creating a zone, map it to a normalized interface just like mapping to a regular interface.
Mapping a zone to a normalized interface

For each managed FortiGate device you can view the number of normalized interfaces mapped to it. To view the normalized interfaces mapped to a FortiGate:

  1. Select a normalized interface from the Normalized Interface table.
  2. Click More from the toolbar above the table. A drop-down menu drops down.
  3. Select Normalized Interface Preview. The Normalized Interface Mapping Preview modal window appears.
    Normalized Interface Preview
  4. Select a device from the drop-down list to view the normalized interfaces mapped to it.
    Normalized Interface Mapping Preview

You can search for where a normalized interface is configured in a policy package. To search for where a normalized interface is used in a policy package:

  1. Select a normalized interface from the Normalized Interface table.
  2. Right-click and select Where Used from the options.
    The Where Used option
  3. A modal window displays the policy package which the selected normalized interface is used in.
    The modal window showing where a normalized interface is used

You may collapse or expand all the mappings in the Normalized Interface table. To collapse or expand all mappings:

  1. Click More from the toolbar above the Normalized Interface table.
  2. Select Collapse All Mapping to collapse all mappings.
    Collapse All Mapping

When importing a device, you can choose the mapping type of the device interface to be either Per-Platform or Per-Device.
Import Device

You can use normalized interfaces as Virtual Wire Pair members.
Virtual Wire Pair

Interface normalization policy 6.4.1

When an ADOM is created, a number of per-platform interfaces are defined for all FortiGate models by default. This allows all FortiGate models to have a number of normalized interfaces already mapped, so that policies can be installed without custom mapping. The interface names could be matched to different real interfaces on different FortiGate models. All mappings are explicitly shown in the mapping table. If there is no match, mapping will not exist.
Normalized Interface

A normalized interface can be edited or deleted. To edit or delete a normalized interface:

  1. Right-click on a normalized interface entry in the Normalized Interface table.
  2. Select Edit or Delete to edit or delete the normalized interface respectively.
    Edit or Delete normalized interface

The Per-Platform Mapping in a normalized interface can be edited or deleted. To edit or delete the Per-Platform Mapping in a normalized interface:

  1. Right-click on a normalized interface entry in the Normalized Interface table.
  2. Select Edit. The Edit Normalized Interface page appears.
  3. In the Per-Platform Mapping table, right-click on a table entry.
  4. Select Edit or Delete to edit or delete the Per-Platform Mapping respectively.
    Edit or Delete Per-Platform Mapping

A normalized interface may use Per-Platform mapping and/or Per-Device mapping. In a policy, a per-device mapping has a higher priority than a per-platform mapping.

When creating a new normalized interface, to use a physical interface name in the per-platform mapping, the default per-platform mapping should be deleted from the default per-platform interface first. Otherwise the system will throw an error and the interface cannot be created.
Default Interface Mapping Error

When creating a zone, map it to a normalized interface just like mapping to a regular interface.
Mapping a zone to a normalized interface

For each managed FortiGate device you can view the number of normalized interfaces mapped to it. To view the normalized interfaces mapped to a FortiGate:

  1. Select a normalized interface from the Normalized Interface table.
  2. Click More from the toolbar above the table. A drop-down menu drops down.
  3. Select Normalized Interface Preview. The Normalized Interface Mapping Preview modal window appears.
    Normalized Interface Preview
  4. Select a device from the drop-down list to view the normalized interfaces mapped to it.
    Normalized Interface Mapping Preview

You can search for where a normalized interface is configured in a policy package. To search for where a normalized interface is used in a policy package:

  1. Select a normalized interface from the Normalized Interface table.
  2. Right-click and select Where Used from the options.
    The Where Used option
  3. A modal window displays the policy package which the selected normalized interface is used in.
    The modal window showing where a normalized interface is used

You may collapse or expand all the mappings in the Normalized Interface table. To collapse or expand all mappings:

  1. Click More from the toolbar above the Normalized Interface table.
  2. Select Collapse All Mapping to collapse all mappings.
    Collapse All Mapping

When importing a device, you can choose the mapping type of the device interface to be either Per-Platform or Per-Device.
Import Device

You can use normalized interfaces as Virtual Wire Pair members.
Virtual Wire Pair