Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Multiple Datacenters for Enterprise (primary/primary)

    Home FortiManager 7.2.0 Multiple Datacenters for Enterprise (primary/primary)
    7.2.0
    7.2.0

    Creating normalized interfaces

    Creating normalized interfaces

    Because the policy package uses interface objects instead of directly referring to the interface, we must link the interface objects with the actual interfaces on any/all devices. We do this by creating normalized interfaces with per-platform mappings.

    To create normalized interfaces:
    1. In FortiManager, go to Policy & Objects > Object Configurations > Normalized Interface.
    2. In the content pane, click Create New.

      The Create New Normalized Interface pane opens.

    3. Set Name to HUB1.
    4. Under Per-Platform Mapping, click Create New.

      The Create New Per-Platform Mapping dialog box is displayed.

    5. Set the following options, and click OK:

      Matched Platform

      Select all.

      Mapped Interface Name

      Type HUB1.

      Tooltip

      The mapped interface is case sensitive. It must exactly match the interface on the target FortiGate.

      The per-platform mapping is created.

    6. Repeat this procedure to the following per-platform mappings:

      Normalized Interface

      Matching Type

      Mapped Interface/Zone

      HUB1

      Matched Platform: all

      HUB1

      HUB2

      Matched Platform: all

      HUB2

      VPN1

      Matched Platform: all

      VPN1

      VPN2

      Matched Platform: all

      Device: Cloud-Gateway

      VPN2

      VPN1-2

      WAN1

      Matched Platform: all

      WAN1

      WAN2

      Matched Platform: all

      WAN2

      HUB-Loopback

      Matched Device: HUB1

      Device: Cloud-Gateway

      HUB1-Lo

      HUB2-Lo

      LAN

      Matched Platform: all

      Device: Cloud-Gateway

      port3

      port2

    All the per-platform mappings are created:

    Tooltip

    If you are using different ports for LAN between branches, you can leverage per-device mapping to override the matched platform: all.
    Previous
    Next

    Creating normalized interfaces

    Creating normalized interfaces

    Because the policy package uses interface objects instead of directly referring to the interface, we must link the interface objects with the actual interfaces on any/all devices. We do this by creating normalized interfaces with per-platform mappings.

    To create normalized interfaces:
    1. In FortiManager, go to Policy & Objects > Object Configurations > Normalized Interface.
    2. In the content pane, click Create New.

      The Create New Normalized Interface pane opens.

    3. Set Name to HUB1.
    4. Under Per-Platform Mapping, click Create New.

      The Create New Per-Platform Mapping dialog box is displayed.

    5. Set the following options, and click OK:

      Matched Platform

      Select all.

      Mapped Interface Name

      Type HUB1.

      Tooltip

      The mapped interface is case sensitive. It must exactly match the interface on the target FortiGate.

      The per-platform mapping is created.

    6. Repeat this procedure to the following per-platform mappings:

      Normalized Interface

      Matching Type

      Mapped Interface/Zone

      HUB1

      Matched Platform: all

      HUB1

      HUB2

      Matched Platform: all

      HUB2

      VPN1

      Matched Platform: all

      VPN1

      VPN2

      Matched Platform: all

      Device: Cloud-Gateway

      VPN2

      VPN1-2

      WAN1

      Matched Platform: all

      WAN1

      WAN2

      Matched Platform: all

      WAN2

      HUB-Loopback

      Matched Device: HUB1

      Device: Cloud-Gateway

      HUB1-Lo

      HUB2-Lo

      LAN

      Matched Platform: all

      Device: Cloud-Gateway

      port3

      port2

    All the per-platform mappings are created:

    Tooltip

    If you are using different ports for LAN between branches, you can leverage per-device mapping to override the matched platform: all.
    Previous
    Next