Fortinet black logo

Configuring fabric connector

Configuring fabric connector

You are required to configure the Fabric Connectors if FortiWeb-VMs are in HA Active-Passive mode. This is to notify the load balancer to distribute the traffic to the new master node when fail-over occurs.

Generating RSA key

First of all, you need to generate the RSA key that will be used for authentication when FortiWeb-VM connects to the load balancer.

  1. Log in to a Linux system which has installed OpenSSL.
  2. Open a SHELL terminal, enter the following commands:
    openssl genrsa -out ./oci_api.key 2048
    openssl rsa -pubout -in ./oci_api.key -out ./oci_api_pub.key

    The file oci_api.key is the RSA private key file and the file oci_api_pub.key is its paired public key file.
  3. Log in OCI. Go to Governance and Administration > Identity > User.
  4. Select the proper user you wan to use.
  5. Click Add Public Key, copy the text in oci_api_pub.key file, and then paste it into the PUBLIC KEY field on the Add Public Key window.
  6. Click Add.

Configuring Fabric Connectors

  1. Go to System > Config > Fabric Connectors.
  2. Configure the settings.
  3. Name Enter a name for the Fabric Connector.
    User ID

    To get the User ID:

    1. Log in to OCI.
    2. Go to Governance and Administration > Identity > User.
    3. Click the user you want to use.
    4. Copy the OCID of this user.
    OCI Tenant ID

    To get the OCI tenant ID:

    1. Log in to OCI.
    2. Go to Governance and Administration > Administration > Tenancy Details.
    3. Click the Tenancy you want to use.
    4. Copy the OCID of this Tenancy.
    OCI Compartment ID

    To get the OCI compartment ID:

    1. Log in to OCI.
    2. Go to Governance and Administration > Identity > Compartments.
    3. Click the compartment that your load balancer is located in.
    4. Copy the OCID of this Tenancy.

    Note: If you don't have a compartment, you can leave this option empty.

    OCI LoadBalancer ID

    To get the OCI LoadBalancer ID:

    1. Log in to OCI.
    2. Go to Core Infrastructure > Networking > Load Balancers.
    3. Click the load balancer used for the HA cluster.
    4. Copy the OCID of this load balancer.

    OCI Server Region Type

    If your OCI server region is either “US Federal Cloud with DISA Impact Level 5 Authorization Regions” or “US Government Cloud with FedRAMP Authorization Regions”, please select Government. Otherwise please select Commercial.

    OCI Server Region

    Enter the Region Identifier of your load balancer.

    Private Key Upload the private key file you have generated when Configuring fabric connector.
    Test Test the connectivity for your configuration.

Configuring fabric connector

You are required to configure the Fabric Connectors if FortiWeb-VMs are in HA Active-Passive mode. This is to notify the load balancer to distribute the traffic to the new master node when fail-over occurs.

Generating RSA key

First of all, you need to generate the RSA key that will be used for authentication when FortiWeb-VM connects to the load balancer.

  1. Log in to a Linux system which has installed OpenSSL.
  2. Open a SHELL terminal, enter the following commands:
    openssl genrsa -out ./oci_api.key 2048
    openssl rsa -pubout -in ./oci_api.key -out ./oci_api_pub.key

    The file oci_api.key is the RSA private key file and the file oci_api_pub.key is its paired public key file.
  3. Log in OCI. Go to Governance and Administration > Identity > User.
  4. Select the proper user you wan to use.
  5. Click Add Public Key, copy the text in oci_api_pub.key file, and then paste it into the PUBLIC KEY field on the Add Public Key window.
  6. Click Add.

Configuring Fabric Connectors

  1. Go to System > Config > Fabric Connectors.
  2. Configure the settings.
  3. Name Enter a name for the Fabric Connector.
    User ID

    To get the User ID:

    1. Log in to OCI.
    2. Go to Governance and Administration > Identity > User.
    3. Click the user you want to use.
    4. Copy the OCID of this user.
    OCI Tenant ID

    To get the OCI tenant ID:

    1. Log in to OCI.
    2. Go to Governance and Administration > Administration > Tenancy Details.
    3. Click the Tenancy you want to use.
    4. Copy the OCID of this Tenancy.
    OCI Compartment ID

    To get the OCI compartment ID:

    1. Log in to OCI.
    2. Go to Governance and Administration > Identity > Compartments.
    3. Click the compartment that your load balancer is located in.
    4. Copy the OCID of this Tenancy.

    Note: If you don't have a compartment, you can leave this option empty.

    OCI LoadBalancer ID

    To get the OCI LoadBalancer ID:

    1. Log in to OCI.
    2. Go to Core Infrastructure > Networking > Load Balancers.
    3. Click the load balancer used for the HA cluster.
    4. Copy the OCID of this load balancer.

    OCI Server Region Type

    If your OCI server region is either “US Federal Cloud with DISA Impact Level 5 Authorization Regions” or “US Government Cloud with FedRAMP Authorization Regions”, please select Government. Otherwise please select Commercial.

    OCI Server Region

    Enter the Region Identifier of your load balancer.

    Private Key Upload the private key file you have generated when Configuring fabric connector.
    Test Test the connectivity for your configuration.