Fortinet black logo

Administration Guide

Home FortiTester 7.4.0 Administration Guide
7.4.0
7.4.0
7.3.2
7.3.0
7.2.3
7.2.2
7.2.1
7.2.0
7.1.0
7.0.0

Using network configuration templates

Using network configuration templates

Many test cases will have the same basic network setup. To simplify configuration, you can create a network configuration template and then import it when you initially configure test case settings. The template settings are used to populate the network settings for the new test case configuration.

The network configuration template specifies the IP address type, DUT working mode, client/server port settings, subnet settings, port binding, and VLAN settings, etc.

You can only import template settings if the IP address type and DUT working mode you select in the new test case dialog match the settings in the network configuration template.

After the settings have been imported, you cannot modify client/server port settings, subnet settings, port binding and VLAN settings if necessary.

Creating a network configuration template

To create a network configuration template:
  1. Go to Objects > Networks under either Performance Testing or Security Testing.
  2. Click + Create New to display the configuration page.
  3. In the popup dialog, configure the following settings:
    SettingsGuidelines
    IP VersionSelect v4, v6, or Mixed.
    DUT Role

    Select Network Gateway or Application Server.

    If you want to test an application server, the FortiTester appliance will work as a pure client.

    If you want to test a network gateway, it will work as both client and server.

    DUT Working Mode

    Select from the following options:

    • Transparent (TP): The DUT does not change the IP address of the packet. In NAT mode, the device is considered to be a router hop and the IP addresses can be translated.
    • Network Address Translation (NAT): The DUT does not change the IP address of the packet.
    • Web Proxy: The proxy address is used. If the DUT is configured in Web NOTE: This setting will be shown only when DUT role is Network Gateway.
    Tester and Application Server

    Specify that the FortiTester appliance and the application server are In The Same Subnet or Route By Gateway to send and receive traffic.

    NOTE: This setting will be shown only when DUT role is Application Server.

    Port BindingOptional. Port binding aggregates two or more physical ports into one logical port.
    Support NAT Policy

    Optional. Enable SNAT/DNAT to allow DUT to do source and destination NAT on the same session, or enable NAT64 or NAT46 to allow IPv6 addressed hosts to communicate with IPv4 addressed hosts and vice-versa.

    NOTE: If the DUT performs SNAT/DNAT on the data traffic, use the Translated To field to change the IP address before starting the run.

    NOTE: This setting will be shown only when DUT Working Mode is Network Address Translation (NAT).

    SupportThe network for the three cases are different from the general network, so configure the network specially for them. When the DUT Role is Application Server, only Web Crawler is supported.
    Virtual Router Optional. Allow the clients or servers to be on subnets different from the DUT interfaces, with all traffic to and from the DUT using the virtual router MAC address.
  4. Click OK to continue.
  5. Complete the configuration as described below in To configure network configuration object settings.
  6. Save the configuration.

After you have created a network configuration template, you can clone it or export it as a ZIP file which can be imported later.

You can select the created Network Config templates from the option list on a test case page. Select the template and click to apply the template network configuration.



Also, for test cases that refer to this network configuration template, the template can not be deleted.


Configuring network configuration object settings

To configure network configuration object settings
Settings Guidelines
Basic Information
Name Specify a configuration name. The name appears in the Network Config dropdown list when you configure test cases.
Network Settings
Client Ports,
Server Ports		 The page lists all the test ports for client-side and server-side connections. The client ports simulate the behavior of clients; the server ports simulate the behavior of servers. FortiTester builds the TCP connections between client ports and server ports (and through the DUT).

You must select at least one client port and one server port. After you select a port for client, a check mark () is displayed on the port icon. The same port on the server side is no longer available.

NOTE: The server port does not need to be set if you have set the DUT Role to Application Server.

MAC Masquerade
MAC Masquerade Specify the first two bytes of a MAC address for the traffic.
QinQ
Outer VLAN ID Specify a Service VLAN tag for FortiTester to use during the test.

Tag Protocol Identifier

Specify the QinQ format.

Subnet
IP Address or Range Specify a single IP address with standard format (for example, 10.1.2.1) or an address range like 10.1.2.1-10.1.2.99.
Translated To NAT mode only. If the DUT uses SNAT/DNAT, specify the new, translated, IP address.
Netmask Specify a netmask between 1 and 31.
NAT46 Prefix Available only when NAT46 is selected as the Support NAT Policy.
NAT64 Prefix Available only when NAT64 is selected as the Support NAT Policy.
External Address or Range Available only when NAT46/NAT64 is selected as the Support NAT Policy.
External Address Netmask Available only when NAT46/NAT64 is selected as the Support NAT Policy.
VLAN ID Specify a VLAN ID between 1 and 4094.
Server IP When DUT Role is Application Server, specify a single IP address in the standard format.
Gateway Specify the gateway IP address when DUT Role is Application Server or DUT Working Mode is NAT.
Peer Network Available in NAT mode only. Specify the peer network subnet address. If the DUT uses SNAT/DNAT, use the translated IP address.
Proxy IP/Mask Available in web proxy mode only. Specify the proxy IP address and netmask.
Add Subnet (+) If necessary, click the Add Subnet button (+) to display additional subnet configuration controls. An interface port can have multiple subnets. FortiTester uses IP addresses in the specified subnets to create TCP connections and transfer data.
Remove Subnet (X) Click the Remove button (X) to remove the subnet.

Using Ports Connected Relation

Click Ports Connected Relation to view the port connection status.


Standalone Mode

TestCenter Mode


Previous
Next

Using network configuration templates

Many test cases will have the same basic network setup. To simplify configuration, you can create a network configuration template and then import it when you initially configure test case settings. The template settings are used to populate the network settings for the new test case configuration.

The network configuration template specifies the IP address type, DUT working mode, client/server port settings, subnet settings, port binding, and VLAN settings, etc.

You can only import template settings if the IP address type and DUT working mode you select in the new test case dialog match the settings in the network configuration template.

After the settings have been imported, you cannot modify client/server port settings, subnet settings, port binding and VLAN settings if necessary.

Creating a network configuration template

To create a network configuration template:
  1. Go to Objects > Networks under either Performance Testing or Security Testing.
  2. Click + Create New to display the configuration page.
  3. In the popup dialog, configure the following settings:
    SettingsGuidelines
    IP VersionSelect v4, v6, or Mixed.
    DUT Role

    Select Network Gateway or Application Server.

    If you want to test an application server, the FortiTester appliance will work as a pure client.

    If you want to test a network gateway, it will work as both client and server.

    DUT Working Mode

    Select from the following options:

    • Transparent (TP): The DUT does not change the IP address of the packet. In NAT mode, the device is considered to be a router hop and the IP addresses can be translated.
    • Network Address Translation (NAT): The DUT does not change the IP address of the packet.
    • Web Proxy: The proxy address is used. If the DUT is configured in Web NOTE: This setting will be shown only when DUT role is Network Gateway.
    Tester and Application Server

    Specify that the FortiTester appliance and the application server are In The Same Subnet or Route By Gateway to send and receive traffic.

    NOTE: This setting will be shown only when DUT role is Application Server.

    Port BindingOptional. Port binding aggregates two or more physical ports into one logical port.
    Support NAT Policy

    Optional. Enable SNAT/DNAT to allow DUT to do source and destination NAT on the same session, or enable NAT64 or NAT46 to allow IPv6 addressed hosts to communicate with IPv4 addressed hosts and vice-versa.

    NOTE: If the DUT performs SNAT/DNAT on the data traffic, use the Translated To field to change the IP address before starting the run.

    NOTE: This setting will be shown only when DUT Working Mode is Network Address Translation (NAT).

    SupportThe network for the three cases are different from the general network, so configure the network specially for them. When the DUT Role is Application Server, only Web Crawler is supported.
    Virtual Router Optional. Allow the clients or servers to be on subnets different from the DUT interfaces, with all traffic to and from the DUT using the virtual router MAC address.
  4. Click OK to continue.
  5. Complete the configuration as described below in To configure network configuration object settings.
  6. Save the configuration.

After you have created a network configuration template, you can clone it or export it as a ZIP file which can be imported later.

You can select the created Network Config templates from the option list on a test case page. Select the template and click to apply the template network configuration.



Also, for test cases that refer to this network configuration template, the template can not be deleted.


Configuring network configuration object settings

To configure network configuration object settings
Settings Guidelines
Basic Information
Name Specify a configuration name. The name appears in the Network Config dropdown list when you configure test cases.
Network Settings
Client Ports,
Server Ports		 The page lists all the test ports for client-side and server-side connections. The client ports simulate the behavior of clients; the server ports simulate the behavior of servers. FortiTester builds the TCP connections between client ports and server ports (and through the DUT).

You must select at least one client port and one server port. After you select a port for client, a check mark () is displayed on the port icon. The same port on the server side is no longer available.

NOTE: The server port does not need to be set if you have set the DUT Role to Application Server.

MAC Masquerade
MAC Masquerade Specify the first two bytes of a MAC address for the traffic.
QinQ
Outer VLAN ID Specify a Service VLAN tag for FortiTester to use during the test.

Tag Protocol Identifier

Specify the QinQ format.

Subnet
IP Address or Range Specify a single IP address with standard format (for example, 10.1.2.1) or an address range like 10.1.2.1-10.1.2.99.
Translated To NAT mode only. If the DUT uses SNAT/DNAT, specify the new, translated, IP address.
Netmask Specify a netmask between 1 and 31.
NAT46 Prefix Available only when NAT46 is selected as the Support NAT Policy.
NAT64 Prefix Available only when NAT64 is selected as the Support NAT Policy.
External Address or Range Available only when NAT46/NAT64 is selected as the Support NAT Policy.
External Address Netmask Available only when NAT46/NAT64 is selected as the Support NAT Policy.
VLAN ID Specify a VLAN ID between 1 and 4094.
Server IP When DUT Role is Application Server, specify a single IP address in the standard format.
Gateway Specify the gateway IP address when DUT Role is Application Server or DUT Working Mode is NAT.
Peer Network Available in NAT mode only. Specify the peer network subnet address. If the DUT uses SNAT/DNAT, use the translated IP address.
Proxy IP/Mask Available in web proxy mode only. Specify the proxy IP address and netmask.
Add Subnet (+) If necessary, click the Add Subnet button (+) to display additional subnet configuration controls. An interface port can have multiple subnets. FortiTester uses IP addresses in the specified subnets to create TCP connections and transfer data.
Remove Subnet (X) Click the Remove button (X) to remove the subnet.

Using Ports Connected Relation

Click Ports Connected Relation to view the port connection status.


Standalone Mode

TestCenter Mode


Previous
Next