Editing or viewing a FortiGate CNF instance
In the CNF Instances table, click Edit to view or edit the following instance details:
Primary details
The following details are displayed in the Edit CNF form.
Item | Description | ||
---|---|---|---|
CNF Name | The unique name of the CNF instance. This field is editable. | ||
Region | The region where this instance is deployed. This field is not editable. | ||
FortiManager mode |
Enable to manage this instance with FortiManager. This field is not editable. |
||
Status |
The deployment status of the instance. The possible values are:
|
||
Instance Type |
The type of this instance, if it is an AWS instance. One of:
Instance Type cannot be changed after the instance is created. This option is only available for AWS instances. |
||
Internal Logging |
Set Internal Logging to one of the following options:
|
||
External Logging |
The selected external logging destination. Select from None, External Syslog, and FortiAnalyzer. This field is editable. |
||
External Syslog Server IP |
The IP address of the syslog server where logs are sent. This field is editable and only displays if External Logging is set to External Syslog. |
||
FortiAnalyzer IP |
The IP address of the FortiAnalyzer where logs are sent. This field is editable and only displays if External Logging is set to FortiAnalyzer. |
||
Source IP |
Displays the public IP address through which all logs for this instance are sent to external syslog servers and FortiAnalyzer. You can add this IP address to your allowlist to accept logs for this FortiGate CNF instance. |
||
Display Primary FortiGate Information |
Enable to display the following connection information:
This field only displays when FortiManager mode is enabled. |
Endpoints and load balancers
FortiGate CNF instances are deployed into your cloud infrastructure using gateway load balancer endpoints (in the case of AWS) or load balancers (in the case of Azure).
In the Configure Endpoints/Load Balancers page, select an endpoint or load balancer and click Edit to view or edit the details. Click Delete to remove the endpoint or load balancer from the instance.
Endpoints
Item | Description |
---|---|
Name | The name of the endpoint. The name must be unique within the CNF instance and does not affect the subnet. This field is only editable if Status is error. |
Account |
The AWS account in which the VPC has been created. This field is not editable after the endpoint has been created. |
VPC ID |
The AWS identifier for the VPC. This field is not editable. |
Subnet | The subnet within the VPC. This field is not editable. |
Select from all subnets |
Disable to display only endpojnts that have been tagged tagged with Key = Enable to display all subnets in the selected VPC. |
Status |
The deployment status of the endpoint. The possible values are:
|
Load balancers
Item | Description |
---|---|
Name | The name of the load balancer. The name must be unique within the CNF instance and does not affect the subnet. This field is editable. |
Account |
The Azure account containing the resources to be protected. This field is not editable after the load balancer has been created. |
Resource Group |
The Azure resource group. This field is not editable after the load balancer has been created. |
Subnet | The subnet within the VPC. This field is not editable. |
Select from all subnets |
Disable to display only endpojnts that have been tagged tagged with Key = Enable to display all subnets in the selected VPC. |
Status |
The deployment status of the endpoint. The possible values are:
|
Policy sets
In the Configure Policy Sets page, view and update the applied policy set for the instance.
The following information is displayed in the form.
Item | Description |
---|---|
Current Policy Set | The name of the policy set currently applied to the CNF instance. |
Revision ID |
The ID of the current CNF instance revision. Changing the applied policy set creates a new revision. Click the View Policy Set Revision eye icon to view more information about the revision. See Viewing a policy set revision for more information. |
Installation Status |
The status of the policy set installation on the instance. The possible values are:
|
Sync Status |
The synchronization status of the policy set. The possible values are:
|
Apply Policy Set |
Select the policy set to apply. Click Diff to the a comparison with the currently installed policy set. |
Policy Set Revision History |
Displays a list of the policy set that has been applied by revision, in descending order beginning with most recent. The following actions are available:
|
Instance Version
The Instance Version page displays the FortiOS version of the FortiGate CNF instance in the Current Dataplane FortiOS Version field.