Fortinet Document Library

Version:


Table of Contents

Security Fabric Integration with ACI

6.2.0
Download PDF
Copy Link

Importing address names to fabric connectors

After you configure a fabric connector, you can import address names from products, such as NSX and ACI, to the fabric connector, and dynamic firewall address objects are automatically created.

When you are importing address names from AWS, you must add filters to display the correct instances before importing address names.

note icon

You cannot import address names to fabric connectors created for Microsoft Azure and Nuage Virtualized Services Platform. You must manually create dynamic firewall address objects for these types of fabric connectors.

To import address names for NSX and ACI:
  1. Go to Policy & Objects > Object Configurations.
  2. In the tree menu, go to Security Fabric > Fabric Connectors.
  3. In the content pane, right-click the fabric connector, and select Import.

    The Import SDN Connector dialog box is displayed.

  4. Select the address names, and click Import.

    The address names are imported and converted to dynamic firewall address objects that are displayed on the Firewall Objects > Addresses pane.

To import address names for AWS:
  1. Go to Policy & Objects > Object Configurations.
  2. In the tree menu, go to Security Fabric > Fabric Connectors.
  3. In the content pane, right-click the fabric connector, and select Import.

    The Import SDN Connector dialog box is displayed.

  4. Create a filter to select the correct AWS instances:
    1. Click Add Filter.

      The Filter Generator dialog box is displayed.

    2. Click Add Filter, and select a filter.

      A filtered list of instances is displayed.

    3. Click OK.
    4. The Import SDN Connector dialog box is displayed, and it contains the filter.

      You can add additional filters, or edit and delete filters.

    5. (Optional) Repeat this procedure to add additional filters.
  5. Select the filters, and click Import.

    The address names are imported and converted to dynamic firewall address objects that are displayed on the Firewall Objects > Addresses pane. The name of the dynamic firewall address uses the following naming convention: AWS-<random identifier>. Use the Details column and the instance ID to identify the object.

Importing address names to fabric connectors

After you configure a fabric connector, you can import address names from products, such as NSX and ACI, to the fabric connector, and dynamic firewall address objects are automatically created.

When you are importing address names from AWS, you must add filters to display the correct instances before importing address names.

note icon

You cannot import address names to fabric connectors created for Microsoft Azure and Nuage Virtualized Services Platform. You must manually create dynamic firewall address objects for these types of fabric connectors.

To import address names for NSX and ACI:
  1. Go to Policy & Objects > Object Configurations.
  2. In the tree menu, go to Security Fabric > Fabric Connectors.
  3. In the content pane, right-click the fabric connector, and select Import.

    The Import SDN Connector dialog box is displayed.

  4. Select the address names, and click Import.

    The address names are imported and converted to dynamic firewall address objects that are displayed on the Firewall Objects > Addresses pane.

To import address names for AWS:
  1. Go to Policy & Objects > Object Configurations.
  2. In the tree menu, go to Security Fabric > Fabric Connectors.
  3. In the content pane, right-click the fabric connector, and select Import.

    The Import SDN Connector dialog box is displayed.

  4. Create a filter to select the correct AWS instances:
    1. Click Add Filter.

      The Filter Generator dialog box is displayed.

    2. Click Add Filter, and select a filter.

      A filtered list of instances is displayed.

    3. Click OK.
    4. The Import SDN Connector dialog box is displayed, and it contains the filter.

      You can add additional filters, or edit and delete filters.

    5. (Optional) Repeat this procedure to add additional filters.
  5. Select the filters, and click Import.

    The address names are imported and converted to dynamic firewall address objects that are displayed on the Firewall Objects > Addresses pane. The name of the dynamic firewall address uses the following naming convention: AWS-<random identifier>. Use the Details column and the instance ID to identify the object.