Fortinet black logo

Administration Guide

Zones and interface members (per-device management)

Zones and interface members (per-device management)

When SD-WAN per-device management is enabled, you can create SD-WAN zones and interface members. You can select SD-WAN zones as source and destination interfaces in firewall policies. You cannot select interface members of SD-WAN zones in firewall policies.

The default SD-WAN zone is named virtual-wan-link.

To create an SD-WAN zone:
  1. Ensure that you are in the correct ADOM and that SD-WAN per-device management is enabled for the ADOM.
  2. Go to Device Manager > SD-WAN > SD-WAN.

    The list of devices with SD-WAN configurations is displayed.

  3. Double-click a device to open its configuration for editing, or click Create New to create a new SD-WAN configuration.

    The SD-WAN settings are displayed.

  4. In the Interface Members section, click Create New > SD-WAN Zone.

    The Create New SD-WAN Zone dialog box is displayed.

  5. In the Name box, type a name for the zone.
  6. Click the Interface Members box.

    The list of interfaces is displayed.

  7. Select the interfaces to be members of the zone, and click OK.
  8. Click OK to finish creating the zone.
To create an SD-WAN interface member:
  1. Ensure that you are in the correct ADOM and that SD-WAN per-device management is enabled for the ADOM.
  2. Go to Device Manager > SD-WAN > SD-WAN.

    The list of devices with SD-WAN configurations is displayed.

  3. Double-click a device to open its configuration for editing, or click Create New.

    The SD-WAN settings are displayed.

  4. In the Interface Members section, click Create New > SD-WAN Member.

    The Create New SD-WAN Interface Member dialog box is displayed.

  5. Click the Interface Members box, and select an interface.
  6. In the SD-WAN Zone box, select a zone.
  7. Click OK.

    The interface is added to the zone.

Zones and interface members (per-device management)

When SD-WAN per-device management is enabled, you can create SD-WAN zones and interface members. You can select SD-WAN zones as source and destination interfaces in firewall policies. You cannot select interface members of SD-WAN zones in firewall policies.

The default SD-WAN zone is named virtual-wan-link.

To create an SD-WAN zone:
  1. Ensure that you are in the correct ADOM and that SD-WAN per-device management is enabled for the ADOM.
  2. Go to Device Manager > SD-WAN > SD-WAN.

    The list of devices with SD-WAN configurations is displayed.

  3. Double-click a device to open its configuration for editing, or click Create New to create a new SD-WAN configuration.

    The SD-WAN settings are displayed.

  4. In the Interface Members section, click Create New > SD-WAN Zone.

    The Create New SD-WAN Zone dialog box is displayed.

  5. In the Name box, type a name for the zone.
  6. Click the Interface Members box.

    The list of interfaces is displayed.

  7. Select the interfaces to be members of the zone, and click OK.
  8. Click OK to finish creating the zone.
To create an SD-WAN interface member:
  1. Ensure that you are in the correct ADOM and that SD-WAN per-device management is enabled for the ADOM.
  2. Go to Device Manager > SD-WAN > SD-WAN.

    The list of devices with SD-WAN configurations is displayed.

  3. Double-click a device to open its configuration for editing, or click Create New.

    The SD-WAN settings are displayed.

  4. In the Interface Members section, click Create New > SD-WAN Member.

    The Create New SD-WAN Interface Member dialog box is displayed.

  5. Click the Interface Members box, and select an interface.
  6. In the SD-WAN Zone box, select a zone.
  7. Click OK.

    The interface is added to the zone.