Fortinet black logo

Administration Guide

Creating IBM Cloud connector

Creating IBM Cloud connector

With FortiManager, you can create a fabric connector for IBM Cloud, and then import address names from IBM Cloud to automatically create dynamic objects that you can use in policies. When you install the policies to one or more FortiGate units, FortiGate uses the information to communicate with IBM Cloud and dynamically populate the objects with IP addresses.

When you create a fabric connector for IBM Cloud, you are specifying how FortiGate can communicate directly with IBM Cloud.

Requirements:

  • FortiGate is managed by FortiManager.
  • The managed FortiGate unit is configured to work with IBM Cloud.
To create an IBM Cloud fabric connector:
  1. Go to Fabric View > Fabric > External Connectors, and click Create New. The Create New Fabric Connector wizard is displayed.
  2. Under Private SDN, select IBM Cloud. The IBM Cloud screen is displayed.
  3. Configure the following options, and then click OK.
    Type

    Displays IBM Cloud.

    Name

    Enter a name for the connector.

    Status

    Toggle On to enable the fabric connector object. Toggle OFF to disable the fabric connector object.

    Update Interval(s)

    Specify how often in seconds that the dynamic firewall objects should be updated.

    Compute GenerationSpecify the IBM Cloud computer generation.

    Region

    Select your IBM Cloud region from the dropdown list.

    API Key

    Enter your IBM Cloud API key.

  4. Click OK to save the connector.
To complete the fabric connector setup:
  1. Import address names or create a dynamic firewall address for the IBM Cloud connector.
    See Importing address names to fabric connectors and Configuring dynamic firewall addresses for fabric connectors.
  2. In the policy package in which you will be creating the new policy, create a firewall policy and include the dynamic firewall address objects for IBM Cloud. See Create a new firewall policy.
  3. Install the policy package to FortiGate. See Install a policy package.

    FortiGate communicates with IBM Cloud to dynamically populate the firewall address objects with IP addresses.

Creating IBM Cloud connector

With FortiManager, you can create a fabric connector for IBM Cloud, and then import address names from IBM Cloud to automatically create dynamic objects that you can use in policies. When you install the policies to one or more FortiGate units, FortiGate uses the information to communicate with IBM Cloud and dynamically populate the objects with IP addresses.

When you create a fabric connector for IBM Cloud, you are specifying how FortiGate can communicate directly with IBM Cloud.

Requirements:

  • FortiGate is managed by FortiManager.
  • The managed FortiGate unit is configured to work with IBM Cloud.
To create an IBM Cloud fabric connector:
  1. Go to Fabric View > Fabric > External Connectors, and click Create New. The Create New Fabric Connector wizard is displayed.
  2. Under Private SDN, select IBM Cloud. The IBM Cloud screen is displayed.
  3. Configure the following options, and then click OK.
    Type

    Displays IBM Cloud.

    Name

    Enter a name for the connector.

    Status

    Toggle On to enable the fabric connector object. Toggle OFF to disable the fabric connector object.

    Update Interval(s)

    Specify how often in seconds that the dynamic firewall objects should be updated.

    Compute GenerationSpecify the IBM Cloud computer generation.

    Region

    Select your IBM Cloud region from the dropdown list.

    API Key

    Enter your IBM Cloud API key.

  4. Click OK to save the connector.
To complete the fabric connector setup:
  1. Import address names or create a dynamic firewall address for the IBM Cloud connector.
    See Importing address names to fabric connectors and Configuring dynamic firewall addresses for fabric connectors.
  2. In the policy package in which you will be creating the new policy, create a firewall policy and include the dynamic firewall address objects for IBM Cloud. See Create a new firewall policy.
  3. Install the policy package to FortiGate. See Install a policy package.

    FortiGate communicates with IBM Cloud to dynamically populate the firewall address objects with IP addresses.