Version:


Table of Contents

SD-WAN Orchestrator 7.0.0.r3 Administration Guide

7.0.1
Download PDF
Copy Link

Installing firewall policies

Although SD-WAN Orchestrator MEA is used to configure SD-WAN networks, you use FortiManager to define and install firewall policies to the FortiGates in an SD-WAN network. It is recommended to configure the SD-WAN network before you install firewall policies to FortiGate devices.

Before installing firewall policies, it is recommended to insert the policy block SDWAN_Overlay_PB_EDGE and SDWAN_Overlay_PB_HUB to policy packages, and move the policy blocks to the top. The policy block is automatically maintained by SD-WAN Orchestrator MEA. The policy block allows health-check packets and negotiation packets for IPsec tunnels between devices.

For details about using FortiManager to install firewall policies, see the FortiManager Administration Guide.

Installing firewall policies

Although SD-WAN Orchestrator MEA is used to configure SD-WAN networks, you use FortiManager to define and install firewall policies to the FortiGates in an SD-WAN network. It is recommended to configure the SD-WAN network before you install firewall policies to FortiGate devices.

Before installing firewall policies, it is recommended to insert the policy block SDWAN_Overlay_PB_EDGE and SDWAN_Overlay_PB_HUB to policy packages, and move the policy blocks to the top. The policy block is automatically maintained by SD-WAN Orchestrator MEA. The policy block allows health-check packets and negotiation packets for IPsec tunnels between devices.

For details about using FortiManager to install firewall policies, see the FortiManager Administration Guide.