Fortinet black logo

SD-WAN Orchestrator 6.4.1 r4 Administration Guide

Home FortiManager 6.4.3 SD-WAN Orchestrator 6.4.1 r4 Administration Guide

Creating new WAN settings

6.4.3
6.4.3
Copy Link
Copy Doc ID 2a78aeea-2ea5-11eb-96b9-00505692583a:544512
Download PDF

Creating new WAN settings

When creating a profile, you can also create new WAN settings.

FortiGate 40F-3G4G model supports a special WAN interface for Wireless Wide Area Networks (WWAN). When you insert a 3G or 4G SIM card into the WWAN interface slot of the device, you can connect to the Internet by using telecommunication operators. If you add this type of FortiGate with WWAN enabled to SD-WAN Orchestrator MEA, a WWAN port is available for configuration.

To create new WAN settings:
  1. Go to Configuration > Profile.

    The list of profiles is displayed.

  2. Create a new profile, or open a profile for updating.

    The Profile <name> dialog box is displayed.

  3. Click the Network tab.

    The Network pane is displayed. For a description of the options, see Network tab.

  4. Expand the WAN section, and click +Create New.

    The WAN dialog box is displayed.

  5. In the Name box, type a name for the WAN settings.
  6. In the Port Type box, select the port, and complete the options.

    Choose between VLAN and Aggregate.

  7. Complete the remaining options, and click OK.

    Option

    Description

    Physical Port

    Available when Port Type set to VLAN.

    Select the port number.

    Displays wwan for FortiGate 40F-3G4G models with enabled WWAN ports.

    VLAN ID

    Available when Port Type is set to VLAN.

    Type an ID for the VLAN.

    Enable

    Toggle on to enable the interface. Toggle off to disable the interface.

    ISP Link

    Available for edge devices when VPN Mode with Hub is set to SITE_TO_SITE on the General tab.

    VPN Connect to Hub ISP Link

    Available for edge devices when VPN Mode with Hub is set to SITE_TO_SITE on the General tab.

    When configuring WWAN interfaces, select an LTE type of ISP link, such as DEFAULT_ISP_LTE_1. Any other setting will disable the wwan feature.

    ADVPN

    Available for edge devices when VPN Mode with Hub is set to DIAL_UP on the General tab.

    On hub devices, select one of the following options:

    • NONE - ADVPN is disabled. Edge devices from the same region will communicate with each other by forwarding packets through their region's hub.
    • INSIDE_REGION - Shortcut tunnels are triggered by traffic and established only inside a region.

    On edge devices, toggle ADVPN on to enable ADVPN. Toggle off to disable ADVPN.

    Mode

    Select a mode.

    Use VIP for VPN Connection

    Toggle on to enable VIP mapping for the WAN port.

    This feature allows overlay tunnels to be established when FortiGate devices are deployed on Cloud platforms, such as AWS, Azure, and on. It also helps establish overlay links between devices when both devices are behind a NAT gateway.

    VIP Address

    Available when Use VIP for VPN Connection is on.

    Type the VIP address for the device. When enabled, tunnels are established with the VIP address instead of the intranet IP address.

    If the FortiGate is deployed on a Cloud platform, contact the Cloud operator to obtain the public IP address .

    Estimated Upstream Bandwidth

    Leave the default value, or specify an estimated value.

    Estimated Downstream Bandwidth

    Leave the default value, or specify an estimated value.

    Access Types

    Select one or more types of access.

    The WAN settings are created.

  8. If you set Port Type to Aggregate, open the WAN settings for editing, select interface members, and click OK.

    Interface members are added to the WAN settings.

Previous
Next

Creating new WAN settings

When creating a profile, you can also create new WAN settings.

FortiGate 40F-3G4G model supports a special WAN interface for Wireless Wide Area Networks (WWAN). When you insert a 3G or 4G SIM card into the WWAN interface slot of the device, you can connect to the Internet by using telecommunication operators. If you add this type of FortiGate with WWAN enabled to SD-WAN Orchestrator MEA, a WWAN port is available for configuration.

To create new WAN settings:
  1. Go to Configuration > Profile.

    The list of profiles is displayed.

  2. Create a new profile, or open a profile for updating.

    The Profile <name> dialog box is displayed.

  3. Click the Network tab.

    The Network pane is displayed. For a description of the options, see Network tab.

  4. Expand the WAN section, and click +Create New.

    The WAN dialog box is displayed.

  5. In the Name box, type a name for the WAN settings.
  6. In the Port Type box, select the port, and complete the options.

    Choose between VLAN and Aggregate.

  7. Complete the remaining options, and click OK.

    Option

    Description

    Physical Port

    Available when Port Type set to VLAN.

    Select the port number.

    Displays wwan for FortiGate 40F-3G4G models with enabled WWAN ports.

    VLAN ID

    Available when Port Type is set to VLAN.

    Type an ID for the VLAN.

    Enable

    Toggle on to enable the interface. Toggle off to disable the interface.

    ISP Link

    Available for edge devices when VPN Mode with Hub is set to SITE_TO_SITE on the General tab.

    VPN Connect to Hub ISP Link

    Available for edge devices when VPN Mode with Hub is set to SITE_TO_SITE on the General tab.

    When configuring WWAN interfaces, select an LTE type of ISP link, such as DEFAULT_ISP_LTE_1. Any other setting will disable the wwan feature.

    ADVPN

    Available for edge devices when VPN Mode with Hub is set to DIAL_UP on the General tab.

    On hub devices, select one of the following options:

    • NONE - ADVPN is disabled. Edge devices from the same region will communicate with each other by forwarding packets through their region's hub.
    • INSIDE_REGION - Shortcut tunnels are triggered by traffic and established only inside a region.

    On edge devices, toggle ADVPN on to enable ADVPN. Toggle off to disable ADVPN.

    Mode

    Select a mode.

    Use VIP for VPN Connection

    Toggle on to enable VIP mapping for the WAN port.

    This feature allows overlay tunnels to be established when FortiGate devices are deployed on Cloud platforms, such as AWS, Azure, and on. It also helps establish overlay links between devices when both devices are behind a NAT gateway.

    VIP Address

    Available when Use VIP for VPN Connection is on.

    Type the VIP address for the device. When enabled, tunnels are established with the VIP address instead of the intranet IP address.

    If the FortiGate is deployed on a Cloud platform, contact the Cloud operator to obtain the public IP address .

    Estimated Upstream Bandwidth

    Leave the default value, or specify an estimated value.

    Estimated Downstream Bandwidth

    Leave the default value, or specify an estimated value.

    Access Types

    Select one or more types of access.

    The WAN settings are created.

  8. If you set Port Type to Aggregate, open the WAN settings for editing, select interface members, and click OK.

    Interface members are added to the WAN settings.

Previous
Next