Templates phase
- Select Next to continue.
If VDOMs are not enabled on the device, the wizard will skip the VDOM phase. You can Select to import each VDOM step by step, one at a time, or automatically import all VDOMs.
Import virtual domains phase
The following import options are available:
| Import Options | The wizard will detect if the device contains virtual domains (VDOMs). You can select the behavior for FortiManager to take to import these VDOMs. Import options include:
l Import each VDOM step by step l Import VDOM one at a time l Automatically import all VDOMs |
Import virtual domains phase display the automatic import option.
Import virtual domains phase
When selecting to import the VDOM step-by-step or one of the time, you will have additional options. You can use the global zone map section of the wizard to map your dynamic interface zones.
- Select Next to continue. The wizard will then perform a policy search to find all policies in preparation for importation into FortiManager’s database. Once this step is complete, you will be shown a summary of the policies. Choose a folder on the drop-down list, type a new policy package name, and select the policies you would like to import from the list. You can also select to import only policy dependent objects or import all objects.
Import policy database phase
Configure the following options:
| Folder | Select the folder using the drop-down list. |
| Policy Package Name | Type a Policy Package Name (if required). |
| Policy Selection | |
| Import All | Select to import all policies. |
| Select Policies and Profile Groups to Import | Select to import specific policies and profile groups on the tree-menu. |
| Object Selection | |
| Import only policy dependent objects | Select to import policy dependent objects only for the device. |
| Import all objects | Select to import all objects for the selected device. |
- Select Next to continue. The wizard then searches the unit for objects to import, and reports any conflicts it detects. If conflicts are detected, you can decide whether to use the FortiGate value or the FortiManager value.
Object phase
If conflicts occur, you can scroll down on this page to download the conflict file. This file is HTML-based and provides details of conflicts.
Download conflict file
- Select Next. The objects that are to be imported will be shown.
Objects to import
- Select Next to import policies and objects into the database. Import phase
- Select Next.
The wizard will present a message Discovered Device Added Successfully and provides a detailed summary of the import. You can select to download the import report. This report is only available on this page.
Summary phase
Import report sample
- Select Finish to close the wizard.
Add a VDOM
To add a VDOM to a managed FortiGate device, right-click on the content pane for a particular device and select Add VDOM from the pop-up menu.
The following settings are available:
| Name | Type a name for the new virtual domain. |
| Operation Mode | Select either NAT or Transparent for operation mode. |
| Management IP Address | Type the management IP address and network mask for the VDOM. This setting is available when Operation Mode is Transparent. |
| Gateway | Type the gateway IP address. This setting is available when Operation Mode is Transparent. |
| Description | Type a description. (Optional) |
Hi, with add model device, whats is the best practices to add a lot of fortigates ? Load basic config with the fortimanager ip ? Thanks
My personal preference is to have a base config that configures the WAN IP of the device (if static) and inputs the FortiManager address. Once it phones home to the Manager I just have the Manager push the appropriate configuration. Obviously, this works better in environments that can withstand some small downtime. Though you could stand a deployment like this up in parallel and then just migrate over.
Hi Mike,
thanks for your answer. This procedure was also my first idea.
It just seems to work best for me in my deployments. Glad I could be of assistance!