With FortiManager, you can create a fabric connector for Microsoft Azure. You cannot import address names from Microsoft Azure to the fabric connector. Instead you must manually create dynamic firewall objects that you can use in policies. When you install the policies to one or more FortiGate units, FortiGate uses the information to communicate with Microsoft Azure and dynamically populate the objects with IP addresses. Fortinet SDN Connector is not required for this configuration.
- FortiManager 5.6 or later ADOM
- FortiGate is managed by FortiManager
- The managed FortiGate unit is configured to work with Microsoft Azure
Following is a high-level overview of the configuration procedure:
- In FortiManager, ensure that you are using a 5.6 or later ADOM.
- Create a fabric connector object for Microsoft Azure. See Configuring fabric connectors.
- Create dynamic firewall address objects.
See Configuring dynamic firewall addresses for fabric connectors.
You cannot import address names from Microsoft Azure to FortiManager.
- In the policy package in which you will be creating the new policy, create an IPv4 policy and include the dynamic firewall address objects for Microsoft Azure. See IP policies.
- Install the policy package to FortiGate.
See Install a policy package.
FortiGate communicates with Microsoft Azure to dynamically populate the firewall address objects with IP addresses.