Fortinet black logo

Administration Guide

Home FortiTester 7.1.0 Administration Guide

Using network configuration templates

7.1.0
7.4.0
7.3.2
7.3.0
7.2.3
7.2.2
7.2.1
7.2.0
7.1.0
7.0.0
Copy Link
Copy Doc ID 9217125a-7eda-11ec-a0d0-fa163e15d75b:621315
Download PDF

Using network configuration templates

Many test cases you may want to run will have the same basic network setup. To simplify configuration, you can create a network configuration template and then import it when you initially configure test case settings. The template settings are used to populate the network settings for the new test case configuration.

The network configuration template specifies the IP address type, DUT working mode, client/server port settings, subnet settings, port binding, and VLAN settings, etc.

You can only import template settings if the IP address type and DUT working mode you select in the new test case popup dialog box match the settings in the network configuration template.

After the settings have been imported, you can modify client/server port settings, subnet settings, port binding and VLAN settings if necessary.

Creating a network configuration template

To create a network configuration template:
  1. Go to Objects > Networks under either Performance Testing or Security Testing.
  2. Click + Create New to display the configuration page.
  3. In the popup dialog, configure the following settings:
    Settings Guidelines
    IP Version Select IPv4, IPv6 or mixed version.
    DUT Role Select Network Gateway or Application Server.
    If you want to test an application server, the FortiTester appliance will work as a pure client; if you want to test a network gateway, it will work as both client and server.
    DUT Working Mode
    • Transparent mode: the DUT does not change the IP address of the packet. In NAT mode, the device is considered to be a router hop and the IP addresses can be translated.
    • NAT mode: the DUT does not change the IP address of the packet.
    • Web Proxy mode: the proxy address is used. If the DUT is configured in Web Note: This setting will be shown only when DUT role is Network Gateway.
    Tester and Application Server Specify that the FortiTester appliance and the application server are in the same subnet or route by a gateway to send/receive traffic.
    Note: This setting will be shown only when DUT role is Application Server.
    Port Binding Optional. Port binding aggregates two or more physical ports into one logical port.
    Support NAT Policy Optional. Select SNAT/DNAT to allow DUT to do source and destination NAT on the same session, or select NAT64/NAT46 to allow IPv6 addressed hosts to communicate with IPv4 addressed hosts and vice-versa.
    Note: If the DUT performs SNAT/DNAT on the data traffic, use the Translated To field to change the IP address before starting the run.
    Note: This setting will be shown only when DUT Working Mode is Network Address Translation (NAT).
    Support The network for the three cases are different from the general network, so configure the network specially for them. When the DUT Role is Application Server, only Web Crawler is supported.
    Virtual Router Optional. This option allows the clients and/or servers to be on subnets different from the DUTs interfaces and all traffic to/from the DUTs uses the virtual router's MAC address.
    HTTP/2 HTTP/2 over TLS
    H2C HTTP/2 over TCP
  4. Click OK to continue.
  5. Complete the configuration as described below.
  6. Save the configuration.

After you have created a network configuration template, you can clone it, or export it as a zip file and import the zip file later.

If you select self-created template instead of the default template, you can now select the created Network Config templates from the option list on a test case page as below. Select the template and click to apply this network configuration.



Tip: If you select the default template when creating a test case, here it does not support template switch.

Also, for old test cases that refer to this network configuration template, the template can not be deleted.


Configuring network configuration object settings

Network configuration object settings

Settings Guidelines
Basic Information
Name Specify a configuration name. The name appears in the Network Config drop-down list when you configure test cases.
Network Settings
Client Ports,
Server Ports		 The page lists all the test ports for client-side and server-side connections. The client ports simulate the behavior of clients; the server ports simulate the behavior of servers. FortiTester builds the TCP connections between client ports and server ports (and through the DUT, of course).

You must select at least one client port and one server port. After you select a port for client, a (check mark) is displayed on the port icon. The same port on the server side is no longer available.

Note: You don’t need to select the server port if you've selected the DUT role as Application Server.

MAC Masquerade
MAC Masquerade Specify the first two bytes of a MAC address for the traffic.
QinQ
Outer VLAN ID Specify a Service VLAN tag for FortiTester to use during the test.

Tag Protocol Identifier

Specify the QinQ format.

Subnet
IP Address or Range Specify a single IP address with standard format (for example, 10.1.2.1) or an address range like 10.1.2.1-10.1.2.99.
Translated To NAT mode only. If the DUT uses SNAT/DNAT, specify the new, translated, IP address.
Netmask Specify a netmask between 1 and 31.
NAT46 Prefix Available only when NAT46 is selected as the Support NAT Policy.
NAT64 Prefix Available only when NAT64 is selected as the Support NAT Policy.
External Address or Range Available only when NAT46/NAT64 is selected as the Support NAT Policy.
External Address Netmask Available only when NAT46/NAT64 is selected as the Support NAT Policy.
VLAN ID Specify a VLAN ID between 1 and 4094.
Server IP When the DUT role is an application server, specify a single IP address in the standard format.
Gateway Specify the gateway IP address when the DUT role is an application server or the DUT working mode is in NAT mode.
Peer Network NAT mode only. Specify the peer network subnet address. If the DUT uses SNAT/DNAT, use the translated IP address.
Proxy IP/Mask Web Proxy mode only. Specify the proxy IP address/netmask.
Add Subnet If necessary, click to display additional subnet configuration controls. An interface port can have multiple subnets. FortiTester uses IP addresses in the specified subnets to create TCP connections and transfer data.
Remove Subnet Click to remove the mapping subnet.

Using Ports Connected Relation

Ports Connected Relation link allows you to know the port connection status.



Click the link, and you can see figures below:

Standalone Mode

TestCenter Mode


Previous
Next

Using network configuration templates

Many test cases you may want to run will have the same basic network setup. To simplify configuration, you can create a network configuration template and then import it when you initially configure test case settings. The template settings are used to populate the network settings for the new test case configuration.

The network configuration template specifies the IP address type, DUT working mode, client/server port settings, subnet settings, port binding, and VLAN settings, etc.

You can only import template settings if the IP address type and DUT working mode you select in the new test case popup dialog box match the settings in the network configuration template.

After the settings have been imported, you can modify client/server port settings, subnet settings, port binding and VLAN settings if necessary.

Creating a network configuration template

To create a network configuration template:
  1. Go to Objects > Networks under either Performance Testing or Security Testing.
  2. Click + Create New to display the configuration page.
  3. In the popup dialog, configure the following settings:
    Settings Guidelines
    IP Version Select IPv4, IPv6 or mixed version.
    DUT Role Select Network Gateway or Application Server.
    If you want to test an application server, the FortiTester appliance will work as a pure client; if you want to test a network gateway, it will work as both client and server.
    DUT Working Mode
    • Transparent mode: the DUT does not change the IP address of the packet. In NAT mode, the device is considered to be a router hop and the IP addresses can be translated.
    • NAT mode: the DUT does not change the IP address of the packet.
    • Web Proxy mode: the proxy address is used. If the DUT is configured in Web Note: This setting will be shown only when DUT role is Network Gateway.
    Tester and Application Server Specify that the FortiTester appliance and the application server are in the same subnet or route by a gateway to send/receive traffic.
    Note: This setting will be shown only when DUT role is Application Server.
    Port Binding Optional. Port binding aggregates two or more physical ports into one logical port.
    Support NAT Policy Optional. Select SNAT/DNAT to allow DUT to do source and destination NAT on the same session, or select NAT64/NAT46 to allow IPv6 addressed hosts to communicate with IPv4 addressed hosts and vice-versa.
    Note: If the DUT performs SNAT/DNAT on the data traffic, use the Translated To field to change the IP address before starting the run.
    Note: This setting will be shown only when DUT Working Mode is Network Address Translation (NAT).
    Support The network for the three cases are different from the general network, so configure the network specially for them. When the DUT Role is Application Server, only Web Crawler is supported.
    Virtual Router Optional. This option allows the clients and/or servers to be on subnets different from the DUTs interfaces and all traffic to/from the DUTs uses the virtual router's MAC address.
    HTTP/2 HTTP/2 over TLS
    H2C HTTP/2 over TCP
  4. Click OK to continue.
  5. Complete the configuration as described below.
  6. Save the configuration.

After you have created a network configuration template, you can clone it, or export it as a zip file and import the zip file later.

If you select self-created template instead of the default template, you can now select the created Network Config templates from the option list on a test case page as below. Select the template and click to apply this network configuration.



Tip: If you select the default template when creating a test case, here it does not support template switch.

Also, for old test cases that refer to this network configuration template, the template can not be deleted.


Configuring network configuration object settings

Network configuration object settings

Settings Guidelines
Basic Information
Name Specify a configuration name. The name appears in the Network Config drop-down list when you configure test cases.
Network Settings
Client Ports,
Server Ports		 The page lists all the test ports for client-side and server-side connections. The client ports simulate the behavior of clients; the server ports simulate the behavior of servers. FortiTester builds the TCP connections between client ports and server ports (and through the DUT, of course).

You must select at least one client port and one server port. After you select a port for client, a (check mark) is displayed on the port icon. The same port on the server side is no longer available.

Note: You don’t need to select the server port if you've selected the DUT role as Application Server.

MAC Masquerade
MAC Masquerade Specify the first two bytes of a MAC address for the traffic.
QinQ
Outer VLAN ID Specify a Service VLAN tag for FortiTester to use during the test.

Tag Protocol Identifier

Specify the QinQ format.

Subnet
IP Address or Range Specify a single IP address with standard format (for example, 10.1.2.1) or an address range like 10.1.2.1-10.1.2.99.
Translated To NAT mode only. If the DUT uses SNAT/DNAT, specify the new, translated, IP address.
Netmask Specify a netmask between 1 and 31.
NAT46 Prefix Available only when NAT46 is selected as the Support NAT Policy.
NAT64 Prefix Available only when NAT64 is selected as the Support NAT Policy.
External Address or Range Available only when NAT46/NAT64 is selected as the Support NAT Policy.
External Address Netmask Available only when NAT46/NAT64 is selected as the Support NAT Policy.
VLAN ID Specify a VLAN ID between 1 and 4094.
Server IP When the DUT role is an application server, specify a single IP address in the standard format.
Gateway Specify the gateway IP address when the DUT role is an application server or the DUT working mode is in NAT mode.
Peer Network NAT mode only. Specify the peer network subnet address. If the DUT uses SNAT/DNAT, use the translated IP address.
Proxy IP/Mask Web Proxy mode only. Specify the proxy IP address/netmask.
Add Subnet If necessary, click to display additional subnet configuration controls. An interface port can have multiple subnets. FortiTester uses IP addresses in the specified subnets to create TCP connections and transfer data.
Remove Subnet Click to remove the mapping subnet.

Using Ports Connected Relation

Ports Connected Relation link allows you to know the port connection status.



Click the link, and you can see figures below:

Standalone Mode

TestCenter Mode


Previous
Next