Fortinet black logo

SD-WAN Orchestrator 7.0.0.r3 Administration Guide

Network tab

7.0.1
Copy Link
Copy Doc ID 2819d571-05fb-11ec-8f3f-00505692583a:44803
Download PDF

Network tab

The Network tab contains the following sections:

Physical Interface

On the General tab when VDOM mode is toggled on, the Add Physical Interface button is available on the Network tab. In other words, it is available when configuring a profile for VDOM mode.

Click Add Physical Interface to add one or more physical interfaces for the role of WAN, LAN, or DMZ. See Adding physical interfaces for VDOMs.

Note

Instead of adding physical interfaces for use by VDOMs, you can retrieve interfaces when you add a VDOM to SD-WAN Orchestrator MEA. See Adding VDOMs .

WAN

Expand WAN to view the following options:

Option

Description

Create New

Click Create New to define a new WAN interface.

You can define the port type as VLAN, Aggregate, Hard_Switch, Soft_Switch, and Extender.

When the port type is AGGREGATE, you must save the WAN configuration, and then open it for editing to add interface members.

See also Creating new WAN settings.

Extender

Available when Running on Cloud is toggled off on the General tab of the profile.

Click Extender to configure FortiExtender as a WAN port for FortiGate.

See also Creating profiles with FortiExtender WAN ports.

Interface

Displays the interface name.

Vlan

Displays whether VLAN is used.

Interface Members

Displays the interface members for an aggregate interface.

ISP Link

Displays the name of the ISP link.

WAN Type

Displays the type of WAN used.

Private Wire

Displays whether a private wire is used.

Mode

Displays the mode used by the interface.

Enable

Indicates whether the interface is enabled.

Access

Displays the types of access to allowed for the interface.

Update

Click the Update icon to edit the settings.

LAN

Expand LAN to view the following options:

Option

Description

Create New

Click Create New to define a new LAN interface.

You can define the port type as VLAN, WiFi_SSID, Aggregate, Hard_Switch, and Soft_Switch.

When the port type is AGGREGATE, you must save the LAN configuration, and then open it for editing to add interface members.

See also Creating new LAN settings.

Switch/AP Configuration

Toggle on to enable configuration of managed FortiSwitch and FortiAP devices, and display the Switch/AP button.

Toggle off to disable configuration of managed FortiSwitch and FortiAP devices. If you toggle this feature off after configuring switch and AP devices, the configuration is reset for all managed switch and AP devices.

Switch/AP

Available when Switch/AP Configuration is toggled on.

Click Switch/AP to define settings for FortiSwitch and FortiAP devices.

See also Attaching a FortiSwitch model to FortiGate and Adding a FortiAP model device.

Interface

Displays the interface name.

Vlan

Displays whether VLAN is used.

Interface Members Displays the interface members for an aggregate interface.
Subnet Type Displays the type of subnet.
IP Address Displays the IP address.
DHCP Server/Relay Displays the DHCP mode

DHCP Pool Size

Displays the DHCP pool size.

Access

Displays the types of access to allowed for the interface.

Update

Click the Update icon to edit the settings.

DMZ

Expand DMZ to view the following options:

Option

Description

Create New

Click Create New to define a new DMZ interface.

You can define the port type as VLAN or AGGREGATE.

When the port type is AGGREGATE, you must save the DMZ configuration, and then open it for editing to add interface members.

See also Creating new DMZ settings.

Interface

Displays the interface name.

Vlan

Displays whether VLAN is used.

Interface Members

Displays the interface members for an aggregate interface.

Enable

Indicates whether the interface is enabled.

Access

Displays the types of access to allowed for the interface.

Update

Click the Update icon to edit the settings.

Virtual Wire Pair

Expand Virtual Wire Pair to view the following options:

Option

Description

Create New

Click Create New to define a virtual wire pair.

See also Creating virtual wire pairs.

Interface Members

Select two interface members for the virtual wire pair. A virtual wire pair must have exactly two interface members.

Wildcard VLAN

Toggle ON to enable wildcard VLAN.

Toggle OFF to disable this feature.

VLAN Filter

Available when Wildcard VLAN is toggled ON.

Click Add to create a VLAN filter.

MGMT

Expand MGMT to view the following options:

Option

Description

Interface

Displays the management interface.

BGP

Expand BGP to view the following options:

Option

Description

Router ID

Displays Auto Assign to indicate that the router ID will be automatically assigned.

Redistribute OSPF

Toggle on to enable redistribution of routing table learned by OSPF to other devices controlled by SD-WAN Orchestrator MEA through BGP, or to devices not controlled by SD-WAN Orchestrator MEA, such as Cisco routers.

Toggle off to disable.

Create New

Click Create New to define a new BGP network.

See also Creating new BGP network.

Type

Displays Port Subnet.

Subnet Displays the physical port name.
OSPF

Expand OSPF to view the following options:

Option

Description

Settings

The Settings section displays the OSPF settings.

Router ID

Displays Auto Assign.

Inject Default Route

Select from the following options:

  • Always
  • Enable
  • Disable

Redistribute

The Settings > Redistribute section lets you enable redistribution of routes between devices managed by SD-WAN Orchestrator MEA and devices that are not managed by SD-WAN Orchestrator MEA.

Redistribute Connected

Toggle on to enable redistribution of connected routes.

Redistribute Static

Toggle on to enable redistribution of static routes.

Redistribute BGP

Toggle on to enable redistribution of routing table learned by BGP to other devices controlled by SD-WAN Orchestrator MEA through OSPF, or to devices not controlled by SD-WAN Orchestrator MEA, such as Cisco routers.

Areas

The Areas section lets you define OSPF areas.

Create New

Click Create New to define a new OSPF area.

See Creating new OSPF area.

DNS Server

Expand DNS Server to view the following options:

Option

Description

Server Name

Select a DNS server that you added to SD-WAN Orchestrator MEA.

SNMP

Expand SNMP to view the following options:

Option

Description

SNMP Agent

Toggle on to enable an SNMP agent. Toggle off to disable this feature.

HA Interfaces

Expand HA Interfaces to view the following options:

Option

Description

Monitor Interfaces

Select a port for monitoring interfaces. You can use the same port as the FortiManager heartbeat interface.

Heartbeat Interfaces

Select a port to use for the heartbeat. You can use the same port as the FortiManager monitor interface.

When a profile without HA interface definitions is assigned to a device in an HA cluster, default ports are used. For Monitor Interfaces, WAN1 is used, and for Heartbeat Interfaces, the last LAN port is used.

Network tab

The Network tab contains the following sections:

Physical Interface

On the General tab when VDOM mode is toggled on, the Add Physical Interface button is available on the Network tab. In other words, it is available when configuring a profile for VDOM mode.

Click Add Physical Interface to add one or more physical interfaces for the role of WAN, LAN, or DMZ. See Adding physical interfaces for VDOMs.

Note

Instead of adding physical interfaces for use by VDOMs, you can retrieve interfaces when you add a VDOM to SD-WAN Orchestrator MEA. See Adding VDOMs .

WAN

Expand WAN to view the following options:

Option

Description

Create New

Click Create New to define a new WAN interface.

You can define the port type as VLAN, Aggregate, Hard_Switch, Soft_Switch, and Extender.

When the port type is AGGREGATE, you must save the WAN configuration, and then open it for editing to add interface members.

See also Creating new WAN settings.

Extender

Available when Running on Cloud is toggled off on the General tab of the profile.

Click Extender to configure FortiExtender as a WAN port for FortiGate.

See also Creating profiles with FortiExtender WAN ports.

Interface

Displays the interface name.

Vlan

Displays whether VLAN is used.

Interface Members

Displays the interface members for an aggregate interface.

ISP Link

Displays the name of the ISP link.

WAN Type

Displays the type of WAN used.

Private Wire

Displays whether a private wire is used.

Mode

Displays the mode used by the interface.

Enable

Indicates whether the interface is enabled.

Access

Displays the types of access to allowed for the interface.

Update

Click the Update icon to edit the settings.

LAN

Expand LAN to view the following options:

Option

Description

Create New

Click Create New to define a new LAN interface.

You can define the port type as VLAN, WiFi_SSID, Aggregate, Hard_Switch, and Soft_Switch.

When the port type is AGGREGATE, you must save the LAN configuration, and then open it for editing to add interface members.

See also Creating new LAN settings.

Switch/AP Configuration

Toggle on to enable configuration of managed FortiSwitch and FortiAP devices, and display the Switch/AP button.

Toggle off to disable configuration of managed FortiSwitch and FortiAP devices. If you toggle this feature off after configuring switch and AP devices, the configuration is reset for all managed switch and AP devices.

Switch/AP

Available when Switch/AP Configuration is toggled on.

Click Switch/AP to define settings for FortiSwitch and FortiAP devices.

See also Attaching a FortiSwitch model to FortiGate and Adding a FortiAP model device.

Interface

Displays the interface name.

Vlan

Displays whether VLAN is used.

Interface Members Displays the interface members for an aggregate interface.
Subnet Type Displays the type of subnet.
IP Address Displays the IP address.
DHCP Server/Relay Displays the DHCP mode

DHCP Pool Size

Displays the DHCP pool size.

Access

Displays the types of access to allowed for the interface.

Update

Click the Update icon to edit the settings.

DMZ

Expand DMZ to view the following options:

Option

Description

Create New

Click Create New to define a new DMZ interface.

You can define the port type as VLAN or AGGREGATE.

When the port type is AGGREGATE, you must save the DMZ configuration, and then open it for editing to add interface members.

See also Creating new DMZ settings.

Interface

Displays the interface name.

Vlan

Displays whether VLAN is used.

Interface Members

Displays the interface members for an aggregate interface.

Enable

Indicates whether the interface is enabled.

Access

Displays the types of access to allowed for the interface.

Update

Click the Update icon to edit the settings.

Virtual Wire Pair

Expand Virtual Wire Pair to view the following options:

Option

Description

Create New

Click Create New to define a virtual wire pair.

See also Creating virtual wire pairs.

Interface Members

Select two interface members for the virtual wire pair. A virtual wire pair must have exactly two interface members.

Wildcard VLAN

Toggle ON to enable wildcard VLAN.

Toggle OFF to disable this feature.

VLAN Filter

Available when Wildcard VLAN is toggled ON.

Click Add to create a VLAN filter.

MGMT

Expand MGMT to view the following options:

Option

Description

Interface

Displays the management interface.

BGP

Expand BGP to view the following options:

Option

Description

Router ID

Displays Auto Assign to indicate that the router ID will be automatically assigned.

Redistribute OSPF

Toggle on to enable redistribution of routing table learned by OSPF to other devices controlled by SD-WAN Orchestrator MEA through BGP, or to devices not controlled by SD-WAN Orchestrator MEA, such as Cisco routers.

Toggle off to disable.

Create New

Click Create New to define a new BGP network.

See also Creating new BGP network.

Type

Displays Port Subnet.

Subnet Displays the physical port name.
OSPF

Expand OSPF to view the following options:

Option

Description

Settings

The Settings section displays the OSPF settings.

Router ID

Displays Auto Assign.

Inject Default Route

Select from the following options:

  • Always
  • Enable
  • Disable

Redistribute

The Settings > Redistribute section lets you enable redistribution of routes between devices managed by SD-WAN Orchestrator MEA and devices that are not managed by SD-WAN Orchestrator MEA.

Redistribute Connected

Toggle on to enable redistribution of connected routes.

Redistribute Static

Toggle on to enable redistribution of static routes.

Redistribute BGP

Toggle on to enable redistribution of routing table learned by BGP to other devices controlled by SD-WAN Orchestrator MEA through OSPF, or to devices not controlled by SD-WAN Orchestrator MEA, such as Cisco routers.

Areas

The Areas section lets you define OSPF areas.

Create New

Click Create New to define a new OSPF area.

See Creating new OSPF area.

DNS Server

Expand DNS Server to view the following options:

Option

Description

Server Name

Select a DNS server that you added to SD-WAN Orchestrator MEA.

SNMP

Expand SNMP to view the following options:

Option

Description

SNMP Agent

Toggle on to enable an SNMP agent. Toggle off to disable this feature.

HA Interfaces

Expand HA Interfaces to view the following options:

Option

Description

Monitor Interfaces

Select a port for monitoring interfaces. You can use the same port as the FortiManager heartbeat interface.

Heartbeat Interfaces

Select a port to use for the heartbeat. You can use the same port as the FortiManager monitor interface.

When a profile without HA interface definitions is assigned to a device in an HA cluster, default ports are used. For Monitor Interfaces, WAN1 is used, and for Heartbeat Interfaces, the last LAN port is used.