Re: Cisco ACI integration with fortigate firewall

Mohammed Athamneh · ‎12-18-2019

Hello,
I'm trying to deploy L4-L7 service in Go-To mode without L3out but not working.
any one can provide me with a document or brief procedure to do that.

balaji.bandi · ‎12-19-2019

I have attended one of the session with FortiGate : (not deployed my self)

they were given the below information and mentioned they do support. ( version 5.X now they 6.X so they may have improved bit)

https://docs.fortinet.com/document/fortigate/5.6.3/fortigate-connector-cisco-aci-deployment-package/830879/about-fortigate-connector-for-cisco-aci

another one from cisco point of view :

https://blogs.cisco.com/datacenter/new-fortigate-connector-for-cisco-aci-delivers-app-centric-security-automation-for-data-center-agility

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

dsdurkin · ‎12-31-2019

I haven't messed with that specific firewall, but have been testing out un-managed PBR in the lab and have it working. Lumos has a good video on that: https://www.youtube.com/watch?v=wxcQF1318vA

and then i was also able to use the l4-l7 guide to get it working (Configuring Policy-Based Redirect Using the GUI section) Figure 7 in that guide was my setup, basically 2 armed mode with the FW and separate bridge domains for the provider and consumer side.

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/L4-L7_Services_Deployment/guide/b_L4L7_Deploy_ver201/b_L4L7_Deploy_ver201_chapter_010100.html#id_27316