Zero-touch provisioning for FortiSwitch

Model devices used for ZTP can also be linked to model FortiAPs, enabling provisioning of AP settings when first connected.

Scenario 1: When FortiGate is provisioned as a Model Device and uses auto-link for zero-touch install
  1. Create a model FortiGate device by using a real FortiGate serial number.

  2. Configure a model device interface IP, which will be used as the management IP to FortiManager.

  3. In the model device, choose the interface which will be used to connect FortiSwitch, enable FortiSwitch and specify the IP address.

  4. In FortiSwitch Manager, create a model FortiSwitch on the FortiGate by using a real FortiSwitch serial number.
  5. In FortiSwitch Manager > FortiSwitch Template, create a FortiSwitch template, modify port settings and assign it to the model FortiSwitch.

  6. Create a policy package for the model device, then do a policy copy and perform a Copy Only to the model FortiGate.

  7. Connect the real FortiSwitch to the real FortiGate, and connect the FortiGate to the network that FortiManager can reach.
  8. Log on to FortiGate. Go to Security Fabric > Settings and configure central management to connect to FortiManager. (You can also use another method to let FortiGate learn the FortiManager IP and trigger the FortiManager model device auto-link function.)

  9. Click Apply to apply the settings and click OK to agree to the grant to FortiManager.

  10. Go back to FortiManager and double-check the status of the model device auto-link function with the real FortiGate.

  11. After the configuration is pushed to FortiGate, access FortiGate and verify that the FortiSwitch is enabled and displayed in FortiGate.

  12. Go to FortiManager > FortiSwitch Manager > Managed FortiSwitches. You can see the FortiGate status is up and FortiSwitch is now online.
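CLI equivalent of steps 8 and 11 on the FortiGate, as an added example that is not part of the original page. The FortiManager address 192.0.2.10 is a placeholder from the documentation range; replace it with your own.

```text
# Step 8: configure central management so the FortiGate contacts FortiManager
# (192.0.2.10 is a placeholder address, not a value from this page)
config system central-management
    set type fortimanager
    set fmg "192.0.2.10"
end

# Confirm the central-management settings that are now in effect
get system central-management

# Step 11: after FortiManager pushes the configuration, confirm that the
# pre-provisioned FortiSwitch entry exists on the FortiGate
show switch-controller managed-switch

# Check the FortiLink connection status of managed FortiSwitch units
execute switch-controller get-conn-status
```

Before relying on auto-link, compare the serial numbers in this output with the ones entered for the model devices in steps 1 and 4.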

Scenario 2: FortiGate is already managed by FortiManager
  1. Log on to FortiManager. Go to FortiSwitch Manager > Managed Switches and click Create New. Choose the FortiGate and FortiLink interface, enter the serial number and name, and click OK.

  2. Log on to FortiGate. Go to WiFi & Switch Controller > Managed FortiSwitch and verify that the model FortiSwitch has been deployed.

  3. Go to FortiManager. Go to FortiSwitch Manager > Managed Switches and verify that the model switch is also displayed.

  4. Assign the FortiSwitch template to the model FortiSwitch and deploy the template configuration to FortiGate.

  5. Connect the real FortiSwitch to the FortiGate by using the FortiLink port and start the FortiSwitch. After FortiLink negotiation, the FortiSwitch is connected with FortiGate and its status is online.

  6. Go back to FortiManager > FortiSwitch Manager, right-click the managed FortiSwitch and click Refresh. The FortiSwitch status will be displayed as Online.
