Fortinet white logo
Fortinet white logo

Administration Guide

Fabric authorization templates

Fabric authorization templates

Fabric authorization templates can be used to allow FortiManager to automatically authorize FortiAP, FortiSwitch, and FortiExtender devices.

Fabric authorization templates can be created by going to Device Manager > Provisioning Templates > Fabric Authorization Template.

The following options are available:

Create New

Create a new template.

Edit

Edit a template. Right-click a template, and select Edit.

Delete

Delete a template. Right-click a template, and select Delete.

Generate

Generate the Fabric devices using the template.

Fabric authorization template workflow

Fabric authorization template workflow for online devices
  1. Create the Fabric authorization template.
  2. Generate the template and select the required target FortiGate device(s). See Generating Fabric authorization templates.
    • FortiManager will create or update the list of Fabric devices (FortiAP, FortiSwitch, and FortiExtender) on the device database according to the template configuration.
    • The device's Config Status will be set to Modified. The newly created entries can be modified/deleted at this stage as required.
  3. Perform an install on the target FortiGate devices so the Fabric devices are pushed to the targets.
    • When the real Fabric devices come online matching the specified prefix, it will replace the device in the Device Manager. The list is followed from top to bottom until all devices have been replaced by real devices, at which point additional devices will not be automatically authorized.
    • Fabric devices configured by FortiManager are displayed in the Device Manager. You can go to FortiAP Manager , FortiSwitch Manager, and FortiExtender Manager to view and assign profiles to the devices.
Fabric authorization template workflow for model devices
  1. Create the Fabric authorization template.
  2. Add the template to a device blueprint. See Using device blueprints for model devices.
  3. Add model devices individually or by importing them from a CSV file, and select the device blueprint which includes the Fabric authorization template.
  4. After the device is added to FortiManager, the FortiAP, FortiExtender and FortiSwitch devices will be automatically configured for the FortiGate(s) as defined in the Fabric authorization template.
    • When the real Fabric devices come online matching the specified prefix, it will replace the device in the Device Manager. The list is followed from top to bottom until all devices have been replaced by real devices, at which point additional devices will not be automatically authorized.

Creating and applying the Fabric authorization template

To create a new Fabric authorization template:
  1. Go to Device Manager > Provisioning Templates > Fabric Authorization Template.
  2. Click Create New. The Create New Fabric Authorization Template pane opens.

  3. Enter the following information, then click OK to create the certificate template:

    Name

    Enter a name for the Fabric authorization template.

    Description

    Optionally, provide a description for the template.

    FortiAP

    Enable Wireless Controller

    Toggle to enable wireless controllers. Additional settings are available once this option is selected.

    Platform 1

    By default, only one wireless controller platform is listed. You can click the add button at the bottom of the page to add another platform to the template. Click the trash icon to delete the platform.

    Prefix

    Select the serial number prefix for the selected devices from the dropdown menu.

    Number of Devices

    Select the number of devices to pre-authorize.

    FortiSwitch

    Enable Switch Controller

    Toggle to enable switch controllers. Additional settings are available once this option is selected.

    Platform

    By default, only one switch platform is listed. You can click the add button at the bottom of the page to add another platform to the template. Click the trash icon to delete the platform.

    Prefix

    Select the serial number prefix for the selected devices from the dropdown menu.

    Number of Devices

    Select the number of devices to pre-authorize.

    FortiLink Interface

    Type the interface for FortiLink.

    FortiExtender

    Enable Extender Controller

    Toggle to enable extender controllers. Additional settings are available once this option is selected.

    Platform 1

    By default, only one extender platform is listed. You can click the add button at the bottom of the page to add another platform to the template. Click the trash icon to delete the platform.

    Prefix

    Select the serial number prefix for the selected devices from the dropdown menu.

    Number of Devices

    Select the number of devices to pre-authorize.

    Extension Type

    Select the extension type as either WAN Extension or LAN Extension.

Generating Fabric authorization templates

To generate a Fabric authorization template:
  1. Go to Device Manager > Provisioning Templates > Fabric Authorization Template.
  2. Select a previously created Fabric authorization template, and click Generate in the toolbar or right-click menu.
  3. Select the target FortiGate devices on which to generate the configuration.
    The Generate authorization template wizard runs and applies the authorization template to the selected device.
  4. Click Finish.

Fabric authorization templates

Fabric authorization templates

Fabric authorization templates can be used to allow FortiManager to automatically authorize FortiAP, FortiSwitch, and FortiExtender devices.

Fabric authorization templates can be created by going to Device Manager > Provisioning Templates > Fabric Authorization Template.

The following options are available:

Create New

Create a new template.

Edit

Edit a template. Right-click a template, and select Edit.

Delete

Delete a template. Right-click a template, and select Delete.

Generate

Generate the Fabric devices using the template.

Fabric authorization template workflow

Fabric authorization template workflow for online devices
  1. Create the Fabric authorization template.
  2. Generate the template and select the required target FortiGate device(s). See Generating Fabric authorization templates.
    • FortiManager will create or update the list of Fabric devices (FortiAP, FortiSwitch, and FortiExtender) on the device database according to the template configuration.
    • The device's Config Status will be set to Modified. The newly created entries can be modified/deleted at this stage as required.
  3. Perform an install on the target FortiGate devices so the Fabric devices are pushed to the targets.
    • When the real Fabric devices come online matching the specified prefix, it will replace the device in the Device Manager. The list is followed from top to bottom until all devices have been replaced by real devices, at which point additional devices will not be automatically authorized.
    • Fabric devices configured by FortiManager are displayed in the Device Manager. You can go to FortiAP Manager , FortiSwitch Manager, and FortiExtender Manager to view and assign profiles to the devices.
Fabric authorization template workflow for model devices
  1. Create the Fabric authorization template.
  2. Add the template to a device blueprint. See Using device blueprints for model devices.
  3. Add model devices individually or by importing them from a CSV file, and select the device blueprint which includes the Fabric authorization template.
  4. After the device is added to FortiManager, the FortiAP, FortiExtender and FortiSwitch devices will be automatically configured for the FortiGate(s) as defined in the Fabric authorization template.
    • When the real Fabric devices come online matching the specified prefix, it will replace the device in the Device Manager. The list is followed from top to bottom until all devices have been replaced by real devices, at which point additional devices will not be automatically authorized.

Creating and applying the Fabric authorization template

To create a new Fabric authorization template:
  1. Go to Device Manager > Provisioning Templates > Fabric Authorization Template.
  2. Click Create New. The Create New Fabric Authorization Template pane opens.

  3. Enter the following information, then click OK to create the certificate template:

    Name

    Enter a name for the Fabric authorization template.

    Description

    Optionally, provide a description for the template.

    FortiAP

    Enable Wireless Controller

    Toggle to enable wireless controllers. Additional settings are available once this option is selected.

    Platform 1

    By default, only one wireless controller platform is listed. You can click the add button at the bottom of the page to add another platform to the template. Click the trash icon to delete the platform.

    Prefix

    Select the serial number prefix for the selected devices from the dropdown menu.

    Number of Devices

    Select the number of devices to pre-authorize.

    FortiSwitch

    Enable Switch Controller

    Toggle to enable switch controllers. Additional settings are available once this option is selected.

    Platform

    By default, only one switch platform is listed. You can click the add button at the bottom of the page to add another platform to the template. Click the trash icon to delete the platform.

    Prefix

    Select the serial number prefix for the selected devices from the dropdown menu.

    Number of Devices

    Select the number of devices to pre-authorize.

    FortiLink Interface

    Type the interface for FortiLink.

    FortiExtender

    Enable Extender Controller

    Toggle to enable extender controllers. Additional settings are available once this option is selected.

    Platform 1

    By default, only one extender platform is listed. You can click the add button at the bottom of the page to add another platform to the template. Click the trash icon to delete the platform.

    Prefix

    Select the serial number prefix for the selected devices from the dropdown menu.

    Number of Devices

    Select the number of devices to pre-authorize.

    Extension Type

    Select the extension type as either WAN Extension or LAN Extension.

Generating Fabric authorization templates

To generate a Fabric authorization template:
  1. Go to Device Manager > Provisioning Templates > Fabric Authorization Template.
  2. Select a previously created Fabric authorization template, and click Generate in the toolbar or right-click menu.
  3. Select the target FortiGate devices on which to generate the configuration.
    The Generate authorization template wizard runs and applies the authorization template to the selected device.
  4. Click Finish.