config system sdn-connector
Description: Configure connection to SDN Connector.
edit <name>
set status [disable|enable]
set type [aci|alicloud|...]
set use-metadata-iam [disable|enable]
set ha-status [disable|enable]
set server {string}
set server-port {integer}
set username {string}
set password {password_aes256}
set vcenter-server {string}
set vcenter-username {string}
set vcenter-password {password_aes256}
set access-key {string}
set secret-key {password}
set region {string}
set vpc-id {string}
set tenant-id {string}
set client-id {string}
set client-secret {password}
set subscription-id {string}
set resource-group {string}
set login-endpoint {string}
set resource-url {string}
set azure-region [global|china|...]
config nic
Description: Configure Azure network interface.
edit <name>
config ip
Description: Configure IP configuration.
edit <name>
set public-ip {string}
set resource-group {string}
next
end
next
end
config route-table
Description: Configure Azure route table.
edit <name>
set subscription-id {string}
set resource-group {string}
config route
Description: Configure Azure route.
edit <name>
set next-hop {string}
next
end
next
end
set user-id {string}
set compartment-id {string}
set oci-region {string}
set oci-region-type [commercial|government]
set oci-cert {string}
set oci-fingerprint {string}
config external-ip
Description: Configure GCP external IP.
edit <name>
next
end
config route
Description: Configure GCP route.
edit <name>
next
end
set gcp-project {string}
set service-account {string}
set private-key {user}
set secret-token {user}
set domain {string}
set group-name {string}
set api-key {password}
set compute-generation {integer}
set ibm-region-gen1 [us-south|us-east|...]
set ibm-region-gen2 [us-south|us-east|...]
set update-interval {integer}
next
end
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Enable/disable connection to the remote SDN connector. disable: Disable connection to this SDN Connector. enable: Enable connection to this SDN Connector. |
option | - |
type | Type of SDN connector. aci: Application Centric Infrastructure (ACI). alicloud: AliCloud Service (ACS). aws: Amazon Web Services (AWS). azure: Microsoft Azure. gcp: Google Cloud Platform (GCP). nsx: VMware NSX. nuage: Nuage VSP. oci: Oracle Cloud Infrastructure. openstack: OpenStack. kubernetes: Kubernetes. vmware: VMware vSphere (vCenter & ESXi). sepm: Symantec Endpoint Protection Manager. aci-direct: Application Centric Infrastructure (ACI Direct Connection). ibm: IBM Cloud Infrastructure. |
option | - |
use-metadata-iam | Enable/disable use of IAM role from metadata to call API. disable: Disable using IAM role to call API. enable: Enable using IAM role to call API. |
option | - |
ha-status | Enable/disable use for FortiGate HA service. disable: Disable use for FortiGate HA service. enable: Enable use for FortiGate HA service. |
option | - |
server | Server address of the remote SDN connector. | string | Maximum length: 127 |
server-port | Port number of the remote SDN connector. | integer | Minimum value: 0 Maximum value: 65535 |
username | Username of the remote SDN connector as login credentials. | string | Maximum length: 64 |
password | Password of the remote SDN connector as login credentials. | password_aes256 | Not Specified |
vcenter-server | vCenter server address for NSX quarantine. | string | Maximum length: 127 |
vcenter-username | vCenter server username for NSX quarantine. | string | Maximum length: 64 |
vcenter-password | vCenter server password for NSX quarantine. | password_aes256 | Not Specified |
access-key | AWS / ACS access key ID. | string | Maximum length: 31 |
secret-key | AWS / ACS secret access key. | password | Not Specified |
region | AWS / ACS region name. | string | Maximum length: 31 |
vpc-id | AWS VPC ID. | string | Maximum length: 31 |
tenant-id | Tenant ID (directory ID). | string | Maximum length: 127 |
client-id | Azure client ID (application ID). | string | Maximum length: 63 |
client-secret | Azure client secret (application key). | password | Not Specified |
subscription-id | Azure subscription ID. | string | Maximum length: 63 |
resource-group | Azure resource group. | string | Maximum length: 63 |
login-endpoint | Azure Stack login endpoint. | string | Maximum length: 127 |
resource-url | Azure Stack resource URL. | string | Maximum length: 127 |
azure-region | Azure server region. global: Global Azure Server. china: China Azure Server. germany: Germany Azure Server. usgov: US Government Azure Server. local: Azure Stack Local Server. |
option | - |
user-id | User ID. | string | Maximum length: 127 |
compartment-id | Compartment ID. | string | Maximum length: 127 |
oci-region | OCI server region. | string | Maximum length: 31 |
oci-region-type | OCI region type. commercial: Commercial region. government: Government region. |
option | - |
oci-cert | OCI certificate. | string | Maximum length: 63 |
oci-fingerprint | OCI pubkey fingerprint. | string | Maximum length: 63 |
gcp-project | GCP project name. | string | Maximum length: 127 |
service-account | GCP service account email. | string | Maximum length: 127 |
private-key | Private key of GCP service account. | user | Not Specified |
secret-token | Secret token of Kubernetes service account. | user | Not Specified |
domain | Domain name. | string | Maximum length: 127 |
group-name | Group name of computers. | string | Maximum length: 127 |
api-key | IBM cloud API key or service ID API key. | password | Not Specified |
compute-generation | Compute generation for IBM cloud infrastructure. | integer | Minimum value: 1 Maximum value: 2 |
ibm-region-gen1 | IBM cloud compute generation 1 region name. us-south: US South (Dallas) Server. us-east: US East (Washington DC) Server. germany: Germany (Frankfurt) Server. great-britain: Great Britain (London) Server. japan: Japan (Tokyo) Server. australia: Australia (Sydney) Server. |
option | - |
ibm-region-gen2 | IBM cloud compute generation 2 region name. us-south: US South (Dallas) Server. us-east: US East (Washington DC) Server. great-britain: Great Britain (London) Server. |
option | - |
update-interval | Dynamic object update interval (30 - 3600 sec, default = 60, 0 = disabled). | integer | Minimum value: 0 Maximum value: 3600 |
Parameter Name | Description | Type | Size |
---|---|---|---|
public-ip | Public IP name. | string | Maximum length: 63 |
resource-group | Resource group of Azure public IP. | string | Maximum length: 63 |
Parameter Name | Description | Type | Size |
---|---|---|---|
subscription-id | Subscription ID of Azure route table. | string | Maximum length: 63 |
resource-group | Resource group of Azure route table. | string | Maximum length: 63 |
Parameter Name | Description | Type | Size |
---|---|---|---|
next-hop | Next hop address. | string | Maximum length: 127 |
config system sdn-connector
Description: Configure connection to SDN Connector.
edit <name>
set status [disable|enable]
set type [aci|alicloud|...]
set use-metadata-iam [disable|enable]
set ha-status [disable|enable]
set server {string}
set server-port {integer}
set username {string}
set password {password_aes256}
set vcenter-server {string}
set vcenter-username {string}
set vcenter-password {password_aes256}
set access-key {string}
set secret-key {password}
set region {string}
set vpc-id {string}
set tenant-id {string}
set client-id {string}
set client-secret {password}
set subscription-id {string}
set resource-group {string}
set login-endpoint {string}
set resource-url {string}
set azure-region [global|china|...]
config nic
Description: Configure Azure network interface.
edit <name>
config ip
Description: Configure IP configuration.
edit <name>
set public-ip {string}
set resource-group {string}
next
end
next
end
config route-table
Description: Configure Azure route table.
edit <name>
set subscription-id {string}
set resource-group {string}
config route
Description: Configure Azure route.
edit <name>
set next-hop {string}
next
end
next
end
set user-id {string}
set compartment-id {string}
set oci-region {string}
set oci-region-type [commercial|government]
set oci-cert {string}
set oci-fingerprint {string}
config external-ip
Description: Configure GCP external IP.
edit <name>
next
end
config route
Description: Configure GCP route.
edit <name>
next
end
set gcp-project {string}
set service-account {string}
set private-key {user}
set secret-token {user}
set domain {string}
set group-name {string}
set api-key {password}
set compute-generation {integer}
set ibm-region-gen1 [us-south|us-east|...]
set ibm-region-gen2 [us-south|us-east|...]
set update-interval {integer}
next
end
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Enable/disable connection to the remote SDN connector. disable: Disable connection to this SDN Connector. enable: Enable connection to this SDN Connector. |
option | - |
type | Type of SDN connector. aci: Application Centric Infrastructure (ACI). alicloud: AliCloud Service (ACS). aws: Amazon Web Services (AWS). azure: Microsoft Azure. gcp: Google Cloud Platform (GCP). nsx: VMware NSX. nuage: Nuage VSP. oci: Oracle Cloud Infrastructure. openstack: OpenStack. kubernetes: Kubernetes. vmware: VMware vSphere (vCenter & ESXi). sepm: Symantec Endpoint Protection Manager. aci-direct: Application Centric Infrastructure (ACI Direct Connection). ibm: IBM Cloud Infrastructure. |
option | - |
use-metadata-iam | Enable/disable use of IAM role from metadata to call API. disable: Disable using IAM role to call API. enable: Enable using IAM role to call API. |
option | - |
ha-status | Enable/disable use for FortiGate HA service. disable: Disable use for FortiGate HA service. enable: Enable use for FortiGate HA service. |
option | - |
server | Server address of the remote SDN connector. | string | Maximum length: 127 |
server-port | Port number of the remote SDN connector. | integer | Minimum value: 0 Maximum value: 65535 |
username | Username of the remote SDN connector as login credentials. | string | Maximum length: 64 |
password | Password of the remote SDN connector as login credentials. | password_aes256 | Not Specified |
vcenter-server | vCenter server address for NSX quarantine. | string | Maximum length: 127 |
vcenter-username | vCenter server username for NSX quarantine. | string | Maximum length: 64 |
vcenter-password | vCenter server password for NSX quarantine. | password_aes256 | Not Specified |
access-key | AWS / ACS access key ID. | string | Maximum length: 31 |
secret-key | AWS / ACS secret access key. | password | Not Specified |
region | AWS / ACS region name. | string | Maximum length: 31 |
vpc-id | AWS VPC ID. | string | Maximum length: 31 |
tenant-id | Tenant ID (directory ID). | string | Maximum length: 127 |
client-id | Azure client ID (application ID). | string | Maximum length: 63 |
client-secret | Azure client secret (application key). | password | Not Specified |
subscription-id | Azure subscription ID. | string | Maximum length: 63 |
resource-group | Azure resource group. | string | Maximum length: 63 |
login-endpoint | Azure Stack login endpoint. | string | Maximum length: 127 |
resource-url | Azure Stack resource URL. | string | Maximum length: 127 |
azure-region | Azure server region. global: Global Azure Server. china: China Azure Server. germany: Germany Azure Server. usgov: US Government Azure Server. local: Azure Stack Local Server. |
option | - |
user-id | User ID. | string | Maximum length: 127 |
compartment-id | Compartment ID. | string | Maximum length: 127 |
oci-region | OCI server region. | string | Maximum length: 31 |
oci-region-type | OCI region type. commercial: Commercial region. government: Government region. |
option | - |
oci-cert | OCI certificate. | string | Maximum length: 63 |
oci-fingerprint | OCI pubkey fingerprint. | string | Maximum length: 63 |
gcp-project | GCP project name. | string | Maximum length: 127 |
service-account | GCP service account email. | string | Maximum length: 127 |
private-key | Private key of GCP service account. | user | Not Specified |
secret-token | Secret token of Kubernetes service account. | user | Not Specified |
domain | Domain name. | string | Maximum length: 127 |
group-name | Group name of computers. | string | Maximum length: 127 |
api-key | IBM cloud API key or service ID API key. | password | Not Specified |
compute-generation | Compute generation for IBM cloud infrastructure. | integer | Minimum value: 1 Maximum value: 2 |
ibm-region-gen1 | IBM cloud compute generation 1 region name. us-south: US South (Dallas) Server. us-east: US East (Washington DC) Server. germany: Germany (Frankfurt) Server. great-britain: Great Britain (London) Server. japan: Japan (Tokyo) Server. australia: Australia (Sydney) Server. |
option | - |
ibm-region-gen2 | IBM cloud compute generation 2 region name. us-south: US South (Dallas) Server. us-east: US East (Washington DC) Server. great-britain: Great Britain (London) Server. |
option | - |
update-interval | Dynamic object update interval (30 - 3600 sec, default = 60, 0 = disabled). | integer | Minimum value: 0 Maximum value: 3600 |
Parameter Name | Description | Type | Size |
---|---|---|---|
public-ip | Public IP name. | string | Maximum length: 63 |
resource-group | Resource group of Azure public IP. | string | Maximum length: 63 |
Parameter Name | Description | Type | Size |
---|---|---|---|
subscription-id | Subscription ID of Azure route table. | string | Maximum length: 63 |
resource-group | Resource group of Azure route table. | string | Maximum length: 63 |
Parameter Name | Description | Type | Size |
---|---|---|---|
next-hop | Next hop address. | string | Maximum length: 127 |