Fortinet black logo

Mass Provisioning Using FortiManager

Home FortiManager 7.4.0 Mass Provisioning Using FortiManager
7.4.0
7.4.0

Create a device group and policy packages

Create a device group and policy packages

This section includes the following steps for configuring the device group and policy package for branch devices

  1. Create a device group for branch devices

  2. Define address objects

  3. Define a policy package for HUB and branch devices

Create a device group for branch devices

You must create a device group in FortiManager for the branch devices before utilizing the SD-WAN Overlay template. With device groups, you can add additional branch devices to the group, and the newly added devices will automatically inherit the configuration for SD-WAN.

In Device Manager, use the Device Group menu in the banner to create a new device group, and name it Branches.

Define address objects

Here we will create a few address objects to be used by SD-WAN rules and policies in later steps.

To create address objects:

  1. Navigate to Policy & Objects > Firewall Objects, and select Create New > Address in the top left.

  2. Create the following objects, saving after each:
    Address object 1:

    Name

    Branch Network

    IP/Netmask

    10.1.0.0/16

    Address object 2:

    Name

    Datacenter Network

    IP/Netmask

    192.168.100.0/24

Define a policy package for HUB and branch devices

These policy packages are only defined for reference in the device blueprint at this time. The policies will be created in a later step.

  1. Navigate to Policy & Objects > Policy Packages.

  2. From the top menu bar, select Policy Package > New.

  3. Name it Branch_Policy, and select OK.

  4. Repeat steps 1 & 2 steps to create a policy package called HUB_Policy.

Previous
Next

Create a device group and policy packages

This section includes the following steps for configuring the device group and policy package for branch devices

  1. Create a device group for branch devices

  2. Define address objects

  3. Define a policy package for HUB and branch devices

Create a device group for branch devices

You must create a device group in FortiManager for the branch devices before utilizing the SD-WAN Overlay template. With device groups, you can add additional branch devices to the group, and the newly added devices will automatically inherit the configuration for SD-WAN.

In Device Manager, use the Device Group menu in the banner to create a new device group, and name it Branches.

Define address objects

Here we will create a few address objects to be used by SD-WAN rules and policies in later steps.

To create address objects:

  1. Navigate to Policy & Objects > Firewall Objects, and select Create New > Address in the top left.

  2. Create the following objects, saving after each:
    Address object 1:

    Name

    Branch Network

    IP/Netmask

    10.1.0.0/16

    Address object 2:

    Name

    Datacenter Network

    IP/Netmask

    192.168.100.0/24

Define a policy package for HUB and branch devices

These policy packages are only defined for reference in the device blueprint at this time. The policies will be created in a later step.

  1. Navigate to Policy & Objects > Policy Packages.

  2. From the top menu bar, select Policy Package > New.

  3. Name it Branch_Policy, and select OK.

  4. Repeat steps 1 & 2 steps to create a policy package called HUB_Policy.

Previous
Next