Solution
- This procedure deploys SD-WAN on a setup that is already running, without requiring a large downtime window.
- Previously, when migrating from non-SD-WAN to SD-WAN, all references to the ISP link (port) had to be deleted before the link could be added as an SD-WAN member.
- Deleting the references required a large downtime window as well as additional configuration.
- From version 7.0.x, the interface can be added to an existing SD-WAN zone, or a new zone can be created, without deleting the references.
Prerequisite:
Enable the SD-WAN feature on the firewall before migrating to the default SD-WAN zone.
From CLI:
config system sdwan
set status enable
end
Steps:
- Go to Dashboard -> Network -> Interfaces.
- Select the interface from the list that needs to be added to the SD-WAN member.
- After selecting the interface, select the Integrate Interface option at the top, as shown in the picture below.
- Selecting Integrate Interface gives 3 options. Select the last option to add the interface to SD-WAN, select 'Next', and select the zone from the drop-down list.
- Before selecting the zone, select 'Next': all the references are shown, with the option to delete each reference or replace it with a new instance.
- Once the settings are applied, they are reflected in SD-WAN, which avoids any additional configuration in the policies.
The Integrate Interface option can also be used to change the interface type and define VLAN IDs.
Note:
Once an interface has been changed from a physical interface to another type, the change cannot be reversed later: turning an aggregate, software switch, redundant, zone, or SD-WAN zone interface back into a physical interface is not supported.
Interface migration wizard | FortiGate / FortiOS 7.0.0 (fortinet.com).
Related article:
Technical Tip: Moving an Interface that has existing references to SD-WAN zone using Integrate Inter...