Deployment procedures
The FortiCloud Overlay-as-a-Service (OaaS) is used to configure SD-WAN for a topology that includes a single datacenter and multiple sites. The deployment instructions include the following topics:
-
Review existing OCVPN configuration and plan OaaS configuration
-
Testing and verifying connectivity between sites deployed using OaaS
OaaS requires a license for each spoke, either as a FortiGate VM or a hardware FortiGate device. |
OaaS only supports FortiGate devices running FortiOS 7.2.8 and later or 7.4.1 and later. |
Prerequisites
This guide presumes the following prerequisites have been met:
-
All FortiGate spokes sites (branches and datacenters) have an OaaS license.
-
All FortiGates in the SD-WAN region are running FortiOS 7.2.8 and later or 7.4.1 and later.
-
ISP links and other interfaces have been configured on all devices.
-
ISP routing is configured where branches have proper routes to reach the Hub.
-
LAN and other directly connected networks have been assigned.
-
-
The WAN and LAN interfaces for OaaS service are not used in any existing firewall policy.
-
The WAN and LAN ports are not in any existing network zone.
-
The WAN port is not bound to any SD-WAN zone.