Fortinet black logo

New Features

Home FortiManager 7.4.0 New Features
7.4.0
7.4.0
7.2.0
7.0.0
6.4.0
6.2.7
6.2.3
6.2.2
6.2.1
6.2.0

Cisco ACI Connector (Universal Connector) supports Endpoint Security Groups (ESGs) 7.4.1

Cisco ACI Connector (Universal Connector) supports Endpoint Security Groups (ESGs) 7.4.1

Cisco ACI Connector (Universal Connector) supports Endpoint Security Groups (ESGs).

To configure ESGs, users must use the Universal Connector. ESGs cannot be configured with a regular SDN connector.

In order to access the Universal Connector, FortiManager requires 4CPU and 16GB of RAM.

To use ESG objects in the Cisco ACI Universal Connector:
  1. Enable the Universal Connector management extension.
    Go to Management Extensions and click the Universal Connector tile. If this is the first time you are enabling a management extension on FortiManager, you must enable it in the CLI. The Universal Connector MEA will be downloaded.

  2. Within the Universal Connector, create a Cisco APIC connector.
    • Specify the APIC server's IP, username, password, and port details (default 443).
    • Enable or disable the SSL/TLS server certificate verification.
  3. Once the correct APIC configuration is set on the ACI connector, you can see the option for ESGs and EPGs.
  4. Select one or more ESG objects, and click OK.
  5. Go to Fabric View > Fabric > External Connectors and enable the Universal Connector.
  6. Go to Policy & Objects > Object Configurations > Firewall Objects > Addresses, and create an FSSO address object and push it to the FortiGate.
Previous
Next

Cisco ACI Connector (Universal Connector) supports Endpoint Security Groups (ESGs) 7.4.1

Cisco ACI Connector (Universal Connector) supports Endpoint Security Groups (ESGs).

To configure ESGs, users must use the Universal Connector. ESGs cannot be configured with a regular SDN connector.

In order to access the Universal Connector, FortiManager requires 4CPU and 16GB of RAM.

To use ESG objects in the Cisco ACI Universal Connector:
  1. Enable the Universal Connector management extension.
    Go to Management Extensions and click the Universal Connector tile. If this is the first time you are enabling a management extension on FortiManager, you must enable it in the CLI. The Universal Connector MEA will be downloaded.

  2. Within the Universal Connector, create a Cisco APIC connector.
    • Specify the APIC server's IP, username, password, and port details (default 443).
    • Enable or disable the SSL/TLS server certificate verification.
  3. Once the correct APIC configuration is set on the ACI connector, you can see the option for ESGs and EPGs.
  4. Select one or more ESG objects, and click OK.
  5. Go to Fabric View > Fabric > External Connectors and enable the Universal Connector.
  6. Go to Policy & Objects > Object Configurations > Firewall Objects > Addresses, and create an FSSO address object and push it to the FortiGate.
Previous
Next