Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
kajlasunil
Staff
Staff

Created on ‎07-31-2024 06:58 AM Edited on ‎10-18-2024 08:28 AM By Staff

Article Id 329180

Technical Tip: How to install FortiGate KVM in EVE-NG

Description

This article describes how to install FortiGate KVM in EVE-NG.
Scope

FortiOS 6.4.X, 7.0.X,7.2.X, 7.4.X.
Solution

Prerequisites:

  1. EVE-NG installed:  Make sure to have either the Community or Professional version of EVE-NG installed on the system.
  2. FortiGate VM image: Download the FortiGate VM image (KVM version) from the Fortinet support site.

Steps:

  1. Download the FortiGate Image:

 

kajlasunil_0-1722433558943.png

 

  • Or if there is a need to use an old version that is not available above, go to the following and download the preferred FortiOS version for the KVM platform under support.fortinet.com -> Support -> Firmware download.


firmware.PNG

 

 

  1. Prepare the Image:

    Extract the downloaded FortiGate VM image file, which usually has a .qcow2 extension.

     

    kajlasunil_1-1722433558945.png

     

Upload the Image to EVE-NG:

Use WinSCP (Windows) or SCP (Linux/Mac) to upload the .qcow2 file to your EVE-NG server.

Navigate to the directory  /opt/unetlab/addons/qemu/.

Create a new directory for the FortiGate image. Use the format fortinet-FortiGate-version (e.g., fortinet-FortiGate-7.2.8):

 

kajlasunil_2-1722433558948.png

 

Upload the .qcow2 file to this new directory and rename it to virtioa.qcow2.

 

 

  1. Set Correct Permissions:

    Connect to the EVE-NG console and set the correct permissions for the uploaded file:

    cd /opt/unetlab/addons/qemu/fortinet-FortiGate-7.2.8

    /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

     

    kajlasunil_3-1722433558949.png

     

     

  2. Add FortiGate to the Lab:

    Log in to the EVE-NG web interface.

    Create a new lab or open an existing one.

    Add a new node to the lab. FortiGate should be listed among the available devices. Select it and configure it as needed.

     

    kajlasunil_4-1722433558953.png

     

     

     

    kajlasunil_5-1722433558956.png

     

     

     

  3. Start and Configure FortiGate:

    Start the FortiGate VM.

    Open the console to perform initial configurations, such as setting up management interfaces and other settings as required.

     

    kajlasunil_6-1722433558957.png

     

     

    kajlasunil_7-1722433558965.png

 

 

Additional note:

 

If multiple FortiGate are needed for the labs in EVE-NG, note that each FortiGate VM will have a unique serial number. This can lead to issues when trying to register multiple VMs under the same FortiCare account.

 

If an issue arises where the trial license becomes invalid due to serial number changes, old FortiGate needs to be decommissioned before using a new FortiGate VM in a lab. For detailed steps on how to decommission assets in FortiCloud, refer to Decommissioning assets.

 

By decommissioning the old FortiGate VM, new FortiGate can successfully be registered without any issues, even when creating multiple labs in EVE-NG.

 

Starting from v7.2.1, the FortiGate-VM evaluation license is now a permanent trial license. It requires a FortiCare account to avail of the trial license which has limited features and capacity. More information in this link: Permanent trial mode for FortiGate-VM
3616
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.