Help
FortiGate Azure Discussions & Onboarding Information
Sakshi_Negi
New Contributor

Created on ‎09-16-2024 07:51 AM

Migrating SonicWall to Fortigate VM on Azure.

A customer having Microsoft Asure with SonicWall VM.

Now we are migrating SonicWall to Fortigate VM on azure.

1.    Can I do the configuration of Fortigate VM on azure before go live?

2. Will azure team give new IPs or I can use the exiting IP?

3. To onboard I'll use the market place or import the VM image?

4.We have to go with BYOL or PAYG

 

Please help me out.

222
0 Kudos
3 REPLIES 3
Gallego
Staff
Staff

Created on ‎09-16-2024 08:08 AM

Hi Sakshi, I recommend you to visit https://docs.fortinet.com/cloud-solutions/azure to understand how you can deploy FortiGate on Azure, as it can be a single vm, HA, auto-scale, etc and depending on the chosen deployment option you will have different alternatives. In summary:

1.    Can I do the configuration of Fortigate VM on azure before go live?

A: Yes, you can script all the settings and use it when creating the VM. Or, if you're not familiar, you can boot up the VM, configure and after it is ready, you change route tables or any other resource in Azure to use it as your gateway, but this depends on how you are deploying it.

 

2. Will azure team give new IPs or I can use the exiting IP?

A: depends on your existing IP type today and where you will need to use it.

 

3. To onboard I'll use the market place or import the VM image?

A: Use marketplace images

 

4.We have to go with BYOL or PAYG

A: BYOL is used when you have a license file. If you dont have it, you can buy from a Fortinet partner https://partnerportal.fortinet.com/directory/.

Or, the faster method when you dont have a license file, is to use PAYG, you will be charged for the license as you are for VM resources, in Azure billing. 

218
Sakshi_Negi
New Contributor
In response to Gallego

Created on ‎09-17-2024 11:36 PM

Hi,

 

Thanks for the Info. Please help me out for this:

During migration I can't add route from Azure to Fortigate Public IP Because of the confilt.

Then I can give Public IP to the management of fortigate vm.

My Question is : How and where i define public Ip for management.

And How i Access it does it also require route in azure?

172
0 Kudos
Gallego
Staff
Staff
In response to Sakshi_Negi

Created on ‎09-18-2024 06:01 AM

What is the topology/deployment you are using? For example:

Single FortiGate VM:

cb9fb0e9536e2d0cd7685f03d28ab1e9_single%20VM

 

HA A-P with LB:

af6564559bbe2ec34060efc54920e15c_active-passive%20LB

or any other from here https://docs.fortinet.com/document/fortigate-public-cloud/7.6.0/azure-administration-guide/983245

 

Because, in most cases, you dont need to add a route to your public IP. Also, if you are using single-vm deployment you may or not have separated IPs (one for Public IP for NAT and other services and one exclusively for management) as you can see in my first example here.

161
0 Kudos
Announcements

Welcome to your new Fortinet Community!

You'll find your previous forum posts under "Forums"

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.