A customer having Microsoft Asure with SonicWall VM.
Now we are migrating SonicWall to Fortigate VM on azure.
1. Can I do the configuration of Fortigate VM on azure before go live?
2. Will azure team give new IPs or I can use the exiting IP?
3. To onboard I'll use the market place or import the VM image?
4.We have to go with BYOL or PAYG
Please help me out.
Hi Sakshi, I recommend you to visit https://docs.fortinet.com/cloud-solutions/azure to understand how you can deploy FortiGate on Azure, as it can be a single vm, HA, auto-scale, etc and depending on the chosen deployment option you will have different alternatives. In summary:
1. Can I do the configuration of Fortigate VM on azure before go live?
A: Yes, you can script all the settings and use it when creating the VM. Or, if you're not familiar, you can boot up the VM, configure and after it is ready, you change route tables or any other resource in Azure to use it as your gateway, but this depends on how you are deploying it.
2. Will azure team give new IPs or I can use the exiting IP?
A: depends on your existing IP type today and where you will need to use it.
3. To onboard I'll use the market place or import the VM image?
A: Use marketplace images
4.We have to go with BYOL or PAYG
A: BYOL is used when you have a license file. If you dont have it, you can buy from a Fortinet partner https://partnerportal.fortinet.com/directory/.
Or, the faster method when you dont have a license file, is to use PAYG, you will be charged for the license as you are for VM resources, in Azure billing.
Hi,
Thanks for the Info. Please help me out for this:
During migration I can't add route from Azure to Fortigate Public IP Because of the confilt.
Then I can give Public IP to the management of fortigate vm.
My Question is : How and where i define public Ip for management.
And How i Access it does it also require route in azure?
What is the topology/deployment you are using? For example:
Single FortiGate VM:
HA A-P with LB:
or any other from here https://docs.fortinet.com/document/fortigate-public-cloud/7.6.0/azure-administration-guide/983245
Because, in most cases, you dont need to add a route to your public IP. Also, if you are using single-vm deployment you may or not have separated IPs (one for Public IP for NAT and other services and one exclusively for management) as you can see in my first example here.
Welcome to your new Fortinet Community!
You'll find your previous forum posts under "Forums"
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.