Creating VMWare ESXi connector
With FortiManager, you can create a fabric connector for VMWare ESXi, and then import address names from VMWare ESXi to automatically create dynamic objects that you can use in policies. When you install the policies to one or more FortiGate units, FortiGate uses the information to communicate with VMWare ESXi and dynamically populate the objects with IP addresses.
When you create a fabric connector for VMWare ESXi, you are specifying how FortiGate can communicate directly with VMWare ESXi.
Requirements:
- FortiGate is managed by FortiManager.
- The managed FortiGate unit is configured to work with VMWare ESXi.
To create a fabric connector object for VMWare ESXi:
- Go to Fabric View > External Connectors, and click Create New. The Create New Fabric Connector wizard is displayed.
- Under Private SDN, select VMWare ESXi. The VMWare ESXi screen is displayed.
- Configure the following options, and click OK:
Name
Type a name for the fabric connector object.
Type
Displays VMWare ESXi.
Server
Type the IP address for VMWare ESXi.
User Name
Type the VMWare ESXi user name.
Password
Type the VMWare ESXi password.
Update Interval (s)
Select one of the following options:
- Click Use Default to use the default interval.
- Click Specify and specify the interval.
Status
Toggle On to enable the fabric connector object. Toggle OFF to disable the fabric connector object.
- Click OK to save the connector.
To complete the fabric connector setup:
- Import address names or manually create the dynamic firewall address for the SDN connector. See Importing address names to fabric connectors and Configuring dynamic firewall addresses for fabric connectors.
- In the policy package in which you will be creating the new policy, create a firewall policy and include the dynamic firewall address objects for the SDN connector. See Create a new firewall policy.
- Install the policy package to FortiGate. See Install a policy package.
FortiGate communicates with the SDN to dynamically populate the firewall address objects with IP addresses.