Fortinet Document Library

Version:


Table of Contents

About FortiGate for OCI

Single FortiGate-VM Deployment

Use Case: High Availability for FortiGate on OCI

Deploying FortiGate-VM using Terraform

Security Fabric Connector Integration with OCI

Resources

Upgrade Path Tool
6.0.0
Copy Link

Creating an Address via the GUI

  1. Go to Policy & Objects > Addresses. Click Create New > Address.

  2. Configure the Address as described:
    1. Name: Enter the desired name.
    2. Type: Select Fabric Connector Address.
    3. Fabric Connector Type: Select Oracle Cloud Infrastructure (OCI).
    4. Filter: Only IP addresses belonging to the specified filter that matches the condition are automatically populated and updated by the SDN Connector. OCI Connectors support the following filters:
      1. 'vm_name=<vm name>': This matches a VM instance name.
      2. 'instance_id=<instance id>': This matches an instance OCID.
      3. 'tag.<key>=<value>': This matches a freeform tag key and its value.
      4. 'definedtag.<namespace>.<key>=<value>': This matches a tag namespace, tag key, and its value.

      In this example, let's use 'tag.<key>=<value>'. You can configure tags on OCI as seen below.

      In this example, let's populate IP addresses of instances that have the "jkatoinstance" tag name with the "demomachine" value.

      You can set filtering conditions using multiple entries with AND ("&") or OR ("|"). When both AND and OR are specified, AND is interpreted first, then OR.

      For example, you can enter "tag.<key>=<value> & vm_name=<vm name>". In this case, IP addresses of instances that match both the tag and VM machine name are populated and updated by the SDN Connector. Filter values do not allow wildcards (such as asterisks).

  3. Click OK after completing all required fields.

  4. Ensure that the Address was created.

  5. After a few minutes, the new Address will take effect. Hover your mouse on the Address to see a list of IP addresses and instances that have the tag key value "demomachine" as configured.

Resources

Creating an Address via the GUI

  1. Go to Policy & Objects > Addresses. Click Create New > Address.

  2. Configure the Address as described:
    1. Name: Enter the desired name.
    2. Type: Select Fabric Connector Address.
    3. Fabric Connector Type: Select Oracle Cloud Infrastructure (OCI).
    4. Filter: Only IP addresses belonging to the specified filter that matches the condition are automatically populated and updated by the SDN Connector. OCI Connectors support the following filters:
      1. 'vm_name=<vm name>': This matches a VM instance name.
      2. 'instance_id=<instance id>': This matches an instance OCID.
      3. 'tag.<key>=<value>': This matches a freeform tag key and its value.
      4. 'definedtag.<namespace>.<key>=<value>': This matches a tag namespace, tag key, and its value.

      In this example, let's use 'tag.<key>=<value>'. You can configure tags on OCI as seen below.

      In this example, let's populate IP addresses of instances that have the "jkatoinstance" tag name with the "demomachine" value.

      You can set filtering conditions using multiple entries with AND ("&") or OR ("|"). When both AND and OR are specified, AND is interpreted first, then OR.

      For example, you can enter "tag.<key>=<value> & vm_name=<vm name>". In this case, IP addresses of instances that match both the tag and VM machine name are populated and updated by the SDN Connector. Filter values do not allow wildcards (such as asterisks).

  3. Click OK after completing all required fields.

  4. Ensure that the Address was created.

  5. After a few minutes, the new Address will take effect. Hover your mouse on the Address to see a list of IP addresses and instances that have the tag key value "demomachine" as configured.