mtogo_FTNT
Staff
Description
FortiGate-VM machine images are available on Amazon EC2.

As of August 2016, the current FortiGate-VM version is 5.4.1. Versions 5.4.0 and 5.0.9 are also available in the AWS Marketplace.

Amazon Virtual Private Cloud introduced enhanced networking, which uses single root I/O virtualization (SR-IOV). Enhanced networking is supported on the higher-performance instance types. Detailed information is available in the AWS documentation:

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/enhanced-networking.html

FortiGate-VM 5.4.1, whether BYOL or ONDEMAND, supports enhanced networking and introduces a new NIC driver.

As a side effect, downgrading a 5.4.1 image that is running the new driver to an earlier version may cause loss of network connectivity, because the driver is not supported before 5.4.1.

Since AWS does not provide console access, nothing can be done to recover the downgraded image, and there is no way to change the NIC driver back to the old one.

The following command displays whether the new driver (ixgbevf) is installed:
# diag hardware deviceinfo nic port1
Name: port1
Driver: ixgbevf
Version: 2.7.12-k

When a FortiGate-VM prior to 5.4.1 is required, it will be necessary to install 5.0.9 and upgrade, or install 5.4.0 and downgrade.
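
A pre-downgrade check built on the command output above, as an added example that is not Fortinet tooling: it parses saved "diag hardware deviceinfo nic" output and rejects a target version below 5.4.1 when the port is running ixgbevf. The function names, the saved-output workflow and the fail-closed behaviour on missing fields are assumptions of this example.

```python
import re

# First FortiGate-VM release with the new NIC driver, per the article above.
MIN_IXGBEVF_VERSION = (5, 4, 1)
SRIOV_DRIVER = "ixgbevf"

# Constructed sample: the command and output as shown in the article.
SAMPLE_OUTPUT = """\
# diag hardware deviceinfo nic port1
Name: port1
Driver: ixgbevf
Version: 2.7.12-k
"""


def parse_deviceinfo(text):
    """Parse the 'Key: value' lines of the deviceinfo output into a dict."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and key.strip():
            # Keep the first occurrence of each key; lower-case for lookup.
            fields.setdefault(key.strip().lower(), value.strip())
    return fields


def parse_version(version):
    """Turn '5.4.0' into (5, 4, 0); reject any other shape."""
    if not re.fullmatch(r"\d+\.\d+\.\d+", version):
        raise ValueError(f"unexpected firmware version: {version!r}")
    return tuple(int(part) for part in version.split("."))


def downgrade_verdict(deviceinfo_text, target_version):
    """Return (allowed, reason) for moving this instance to target_version."""
    target = parse_version(target_version)
    driver = parse_deviceinfo(deviceinfo_text).get("driver")
    if driver is None:
        # Fail closed: without console access a wrong guess is unrecoverable.
        return False, "no Driver line in the output; not proceeding"
    if driver == SRIOV_DRIVER and target < MIN_IXGBEVF_VERSION:
        return False, (f"port runs {driver}, unsupported in {target_version}; "
                       "network connectivity may be lost")
    return True, f"no {SRIOV_DRIVER} dependency blocks {target_version}"


if __name__ == "__main__":
    for version in ("5.4.0", "5.0.9", "5.4.1"):
        print(version, downgrade_verdict(SAMPLE_OUTPUT, version))
```

A rejected target corresponds to the case the article describes: deploy a fresh 5.0.9 or 5.4.0 image from the Marketplace rather than downgrading the running 5.4.1 instance.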
