Fortinet white logo
Fortinet white logo

Administration Guide

Importing address names to fabric connectors

Importing address names to fabric connectors

After you configure a fabric connector, you can import address names from products, such as ACI, to the fabric connector, and dynamic firewall address objects are automatically created.

When you are importing address names, you must add filters to display the correct instances before importing address names.

note icon

You can manually create dynamic firewall address objects for SDN fabric connectors. See Configuring dynamic firewall addresses for fabric connectors.

To import address names for SDN connectors:
  1. Go to Policy & Objects > Object Configurations.
  2. In the tree menu, go to External Connectors > Public SDN/Private SDN.
  3. In the content pane, right-click the fabric connector, and select Import.

    The Import SDN Connector dialog box is displayed.

  4. Create a filter to select the correct instances:
    1. Click Add Filter.

      The Filter Generator dialog box is displayed.

    2. Click Add Filter, and select a filter. A filtered list of instances is displayed.
    3. Click OK. The Import SDN Connector dialog box is displayed, and it contains the filter. You can add additional filters, or edit and delete filters.
    4. (Optional) Repeat this procedure to add additional filters.
  5. Select the filters, and click Import.

    The address names are imported and converted to dynamic firewall address objects that are displayed on the Firewall Objects > Addresses pane. The name of the dynamic firewall address uses the following naming convention: <SDN Type>-<random identifier>. Use the Details column and the instance ID to identify the object.

Import by endpoint groups

You can import SDN objects from ACI connectors by endpoint group (EGP). In order to import SDN objects from ACI connectors by EPG, you must have configured your ACI connector with the Type: Direct Connection. See Creating ACI fabric connectors.

To import by endpoint groups (EPGs) for ACI connectors:
  1. Go to Policy & Objects > Security Fabric > SDN Connector
  2. In the content pane, right-click the ACI fabric connector under Private SDN Connector, and select Import. The Import SDN Connector dialog box is displayed.
  3. Once the import function has loaded all of the objects, you can choose the Import Mode. Select By EPG to import SDN objects by endpoint group.
  4. You can create address objects from Policy & Objects > Firewall Objects and use the address in a Policy Package, similar to other SDN connectors.

Importing address names to fabric connectors

Importing address names to fabric connectors

After you configure a fabric connector, you can import address names from products, such as ACI, to the fabric connector, and dynamic firewall address objects are automatically created.

When you are importing address names, you must add filters to display the correct instances before importing address names.

note icon

You can manually create dynamic firewall address objects for SDN fabric connectors. See Configuring dynamic firewall addresses for fabric connectors.

To import address names for SDN connectors:
  1. Go to Policy & Objects > Object Configurations.
  2. In the tree menu, go to External Connectors > Public SDN/Private SDN.
  3. In the content pane, right-click the fabric connector, and select Import.

    The Import SDN Connector dialog box is displayed.

  4. Create a filter to select the correct instances:
    1. Click Add Filter.

      The Filter Generator dialog box is displayed.

    2. Click Add Filter, and select a filter. A filtered list of instances is displayed.
    3. Click OK. The Import SDN Connector dialog box is displayed, and it contains the filter. You can add additional filters, or edit and delete filters.
    4. (Optional) Repeat this procedure to add additional filters.
  5. Select the filters, and click Import.

    The address names are imported and converted to dynamic firewall address objects that are displayed on the Firewall Objects > Addresses pane. The name of the dynamic firewall address uses the following naming convention: <SDN Type>-<random identifier>. Use the Details column and the instance ID to identify the object.

Import by endpoint groups

You can import SDN objects from ACI connectors by endpoint group (EGP). In order to import SDN objects from ACI connectors by EPG, you must have configured your ACI connector with the Type: Direct Connection. See Creating ACI fabric connectors.

To import by endpoint groups (EPGs) for ACI connectors:
  1. Go to Policy & Objects > Security Fabric > SDN Connector
  2. In the content pane, right-click the ACI fabric connector under Private SDN Connector, and select Import. The Import SDN Connector dialog box is displayed.
  3. Once the import function has loaded all of the objects, you can choose the Import Mode. Select By EPG to import SDN objects by endpoint group.
  4. You can create address objects from Policy & Objects > Firewall Objects and use the address in a Policy Package, similar to other SDN connectors.