Onboarding new branch devices
The SD-WAN overlay template uses one or more device groups to determine which devices receive the SD-WAN provisioning templates.
When a new device is added to a device group specified in the SD-WAN overlay template, the SD-WAN provisioning templates are automatically assigned to the device, and you can install the changes using the Install Wizard.
Branch onboarding can be further simplified with the use of device blueprints and metadata variables:
-
Device blueprints can be used when adding model devices to FortiManager to simplify configuration of device settings, including device groups, configuring pre-run templates, policy packages, provisioning templates, and more. See Using device blueprints for model devices.
-
Metadata variables can be used as variables in provisioning templates. The
branch_id
variable is automatically created by the template and each branch device must be assigned a unique value. A branch ID value can be automatically assigned to devices in the SD-WAN branch device group when the Automatic Branch ID Assignment setting is enabled in the SD-WAN overlay template wizard. See ADOM-level metadata variables.
When onboarding multiple new branch devices, you can import devices from a CSV file using device blueprints. Metadata fields including the branch_id
variable can be specified directly in the CSV file. See Import model devices from a CSV file.
To onboard new branch devices:
-
Add the new FortiGate model device to FortiManager using the Device Manager.
Optionally, you can configure a device blueprint to simplify device onboarding. See Using device blueprints for model devices. -
Assign the FortiGate device to the template's branch device group.
The branch provisioning templates are automatically assigned to the device. -
Specify the metadata variables used by the SD-WAN overlay template. By default, the
branch_id
metadata variable must be specified. When Automatic Branch ID Assignment setting is enabled in the wizard, the branch ID is automatically applied to devices in the branch device group. See Automatic Branch ID Assignment. -
Assign policy package for the branch device, and then install the changes using the Install Wizard. See Install wizard.