Installation

To successfully deploy Fortigate Connector into Cisco APIC, customers need to perform the following steps:

• Import Device Package
• Add L4-L7 Device
• Create Functional Profile
• Create Service Graph Template
• Deploy Service Graph Template.

According to the APIC deployment guide, a service device introduces a Layer 4 to Layer 7 service by this typical procedure:

1. Import the device package of the service device,
2. Configure a tenant who asks for network services,
3. Register the device and its logical interfaces,
4. Configure logical device parameters,
5. Configure a layer 3 network,
6. Configure a bridge domain,
7. Configure an application profile,
8. Configure a physical domain (or VMM domain),
9. Configure a VLAN pool,
10. Configure a contract
11. Configure a management endpoint group (EPG),
12. Configure a service graph template,
13. Select default service graph template parameters,
14. Attach the service graph template to a contract Configure additional configuration parameters.

To add a support of a non-Cisco firewall device in the Cisco ACI fabric based data center, a device package should be developed for the APIC. Then the remaining task is standard APIC deployment of a network service device.

Importing the Device Package

1. Download Device Connector Package from Fortinet Support Web (URL) site to local storage.
2. From APIC menu, Navigate to L4-L7 Services > Packages and right click on L4-L7 Device Type on the left hand panel. Select Import Device Package

Importing the Device Package

3. Browse device package from local disk or share device and hit submit.
4. Device package should display on the left hand panel.

Add L4-L7 Device

Remove Device Package

To remove Device Package, navigate to L4-L7 Services > Packages and right click on the Device package on the left panel and select Delete option.

Add L4-L7 Device

Within Tenant, Expand L4-L7 Services > L4-L7 Devices, right click on mouse and select “Create L4-L7 devices”