Migrate an SD-WAN Orchestrator configuration into SD-WAN templates
This topic includes an example of migrating your SD-WAN Orchestrator configuration into SD-WAN templates. As a part of this migration, the FortiManager and managed FortiGate devices are all upgraded to version 7.0 or later.
The SD-WAN network used in this example is based on the solution described in the Planning your network topic included in the FortiManager 6.4 SD-WAN Orchestrator Administration Guide.
-
The ADOM is on version 6.4 ADOM.
-
The FortiGate devices are on version 6.4.
-
There are two regions, and each region has one hub and two branches.
In the example used in this topic, region one includes hub1, branch11, and branch12, and region two includes hub2, branch21, and branch 22.
To migrate the SD-WAN Orchestrator configuration into SD-WAN templates:
- Upgrade the FortiManager to the latest 7.0 version.
This example uses FortiManager 7.0.10. For more information, see the FortiManager 7.0.10 Upgrade Guide. - Using FortiManager Firmware Templates, upgrade FortiGate devices to the latest 7.0 version.
This example uses FortiOS 7.0.13. For more information, see Firmware templates.- Go to Device Manager > Firmware Templates, and click Create new.
- Assign the firmware template to the device/group that contains the FortiGate devices.
- Proceed with the upgrade.
- Upgrade the ADOM to version 7.0. For more information, seeUpgrading an ADOM.
- Go to System Settings > All ADOMs.
- Select the ADOM and click More > Upgrade.
- Click OK.
- Go to Device Manager > Provisioning Templates > SD-WAN Templates, and import the SD-WAN configuration from hub devices (e.g. hub1 and hub2).
When comparing the SD-WAN templates imported from hub1 and hub2, there are a number of differences. As a result of these differences, and the templates cannot be combined into a singular template for hubs. An example of the differences between imported templates include:- In Interface Members > Underlay, there are different gateways.
- In Performance SLA, there are different names and health-check servers.
- In SD-WAN Rules, there is a different Destination, Criteria, and Member order which is not supported by meta variables.
Example Comparison of Imported HUB templates
Example of SD-WAN template imported from hub1:
Example of SD-WAN template imported from hub2: - Assign the imported hub1 SD-WAN template to the hub1 device, and the imported hub2 SD-WAN template to the hub 2 device.
- Go to Device Manager > Provisioning Templates > SD-WAN Templates, and import the SD-WAN templates from branch devices (e.g. branch11, branch12, branch21, and branch22). When comparing the SD-WAN templates imported from branch devices, there are a number of differences. An example of the differences between imported templates include:
- In Interface Members > overlay_edge2hub, there are different interface members.
- In Performance SLA, there are different names and health-check servers.
- In SD-WAN Rules, there is a different Criteria and Member order which is not supported by meta variables.
Example Comparison of Imported Branch Templates
Example of SD-WAN template imported from branch11: Example of SD-WAN template imported from branch12:
Example of SD-WAN template imported from branch21: Example of SD-WAN template imported from branch22: - Assign the imported branch SD-WAN template to each branch device from which it was imported. For example:
- Assign the template imported from branch11 to the branch11 device.
- Assign the template imported from branch12 to the branch12 device.
- Assign the template imported from branch21 to the branch21 device.
- Assign the template imported from branch22 to the branch22 device.
- (Optional) Continue to upgrade FortiManager to the latest available versions following the recommended upgrade path. For example, upgrade to FortiManager 7.2.4 and then to 7.4.2. See the FortiManager documentation for more information on upgrade paths and the latest available versions.