I have multiple accounts with a fortigate vm in each region we use and I want to keep all us-east-1 traffic in us-east-1 unless it needs to leave the region. I have setup a SDN Connector for the VPC where the the fortigate is. Via that connector I can see all the instances, SGs ... in that VPC. But do I only need the one connector for AWS or do I need multiples? And by multiples I mean do I need a Connector for the other VPC (even if they cross accounts) in this region?
Solved! Go to Solution.
I talked to my Network Guy who is better versed in networking then I am and acutally learned a bit about SDN type networks in school. That and my testing is telling me that you only need one SDN connector. I tried to add a new connector for a different VPC in the same account as where the Fortigate was and it discovered nothing different then the default one. I then tried one with a VPC of a different account in our AWS OU. Still the same things were returned.
Everything I am seeing says that the SDN Connector can only see things in the VPC that the fortigate resides in. Nothing else. Therefor, there is no point in creating any more SDN Connectors.
Hello systemgeek,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks
Hello,
We are still looking for someone to help you.
We will come back to you ASAP.
Regards,
I kinda think I found my own answer
That's great news - I'm glad to hear it. If you wouldn't mind, could you share it here for the benefit of future users with similar queries?
I talked to my Network Guy who is better versed in networking then I am and acutally learned a bit about SDN type networks in school. That and my testing is telling me that you only need one SDN connector. I tried to add a new connector for a different VPC in the same account as where the Fortigate was and it discovered nothing different then the default one. I then tried one with a VPC of a different account in our AWS OU. Still the same things were returned.
Everything I am seeing says that the SDN Connector can only see things in the VPC that the fortigate resides in. Nothing else. Therefor, there is no point in creating any more SDN Connectors.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.