Technical Tip: How to deploy a FortiGate-VM BYOL o... - Fortinet Community

FortiGate

FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.

Article Id 281575

Description

This article describes the procedure to deploy a FortiGate-VM on GCP with the license 'type: Bring Your Own License'.

Scope

FortiGate

FGTVM04 license, 4 CPUs.
GCP Account and project-id created.

Solution

On the GCP main menu, go to VPC Network -> VPC Networks and select 'Create VPC Network'.

Create two VPCs, the first one with the External VPC and the second one assigned to the Internal VPC.

Go to the Marketplace and type FortiGate to show the available options to deploy the FortiGate-VM on GCP, then select the BYOL license type.

Under the deployment page, add a name for the VM, select the desired GCP Zone aligned to the VPC subnet region created on the VPC, and select the machine type 'e2-standard-4'

Select the FortiOS Image version, by default, only one VPC is added on the Networking settings, select 'Add a Network Interface' to add the second VPC, ensure that both the External and Internal VPC are selected, go to the bottom and select 'Deploy'.

Once the FortiGate-VM on GCP has been deployed, it provides the Admin URL and the Admin temporary password.

After changing the admin password, the FortiGate-VM license is needed. Select 'Upload', select the BYOL file, and select 'OK'. The FortiGate-VM will reboot to complete the license installation.

The FortiGate-VM on GCP is ready to use

617

Contributors

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Copyright 2025 Fortinet, Inc. All Rights Reserved.