FortiGate
JaskiratM
Staff & Editor
Article Id 256988
Description

 

This article describes how to use Azure VM extensions and custom data to add boot scripts and custom configuration to FortiGate VMs in VNET and auto-scaling deployments.

 

Scope

 

FortiGate VM (standalone/HA/auto-scale) deployed in Azure.

 

Solution


1) When creating the FortiGate VM, navigate to the 'Advanced' section in the Azure setup wizard.

JaskiratM_0-1684383584194.png


Choose 'Select an extension to install'.

 

2) Choose 'Azure AD based SSH login'.

JaskiratM_1-1684383584197.png

 

Select 'next' and install the SSH extension to the VM/Auto-Scale set.

 

3) Add the config/script in the 'Custom data' section.

JaskiratM_2-1684383584203.png

This config/script is applied whenever the FortiGate boots up or a new auto-scaling peer is launched.

This is useful when an action must run every time a new instance is created.

One use case is an auto-scaling group that requires a custom IPS engine on the FortiGate instead of the default one (pre-installed with the firmware). In that case, run a script to fetch the IPS config/file and install it during the initial boot.
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Updating-AV-IPS-package-from-CLI-using-FTP...

4) Once the FortiGate VM boots up, the implementation can be verified:

JaskiratM_3-1684383584204.png
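
A pre-deployment check for the custom data described above, as an added example that is not part of the original article or Fortinet's tooling. Azure stores custom data base64-encoded rather than encrypted and Microsoft advises against placing secrets in it, so the script flags secret-bearing FortiOS settings and cleartext FTP/TFTP fetches before encoding the config for a `customData` field. The function names, the keyword list and the sample config are assumptions made for this example.

```python
import base64
import re

# Azure decodes customData to a byte array of at most 65535 bytes.
MAX_CUSTOM_DATA_BYTES = 65535
# FortiOS settings that carry a secret value (assumed list, not exhaustive).
SECRET_LINE = re.compile(r"^\s*set\s+(password|passwd|psksecret|secret|private-key)\s+(.+)$")
# Boot-time fetches over cleartext FTP/TFTP, as in the IPS package use case.
CLEARTEXT_FETCH = re.compile(r"^\s*execute\s+.*\b(t?ftp)\b")


def audit_custom_data(config: str) -> list:
    """Return (line_number, finding) pairs for a FortiOS boot config; 0 = whole file."""
    findings = []
    size = len(config.encode("utf-8"))
    if size > MAX_CUSTOM_DATA_BYTES:
        findings.append((0, f"custom data is {size} bytes, over the Azure limit"))
    for number, line in enumerate(config.splitlines(), start=1):
        if (secret := SECRET_LINE.match(line)):
            # FortiOS exports obfuscated values as "ENC <blob>"; anything else is plaintext.
            kind = "encoded" if secret.group(2).startswith("ENC ") else "plaintext"
            findings.append((number, f"{kind} secret in '{secret.group(1)}'"))
        elif (fetch := CLEARTEXT_FETCH.match(line)):
            findings.append((number, f"cleartext {fetch.group(1)} fetch at boot"))
    return findings


def encode_custom_data(config: str) -> str:
    """Base64-encode the config for a customData field; refuse if the audit finds anything."""
    findings = audit_custom_data(config)
    if findings:
        raise ValueError(f"custom data rejected: {findings}")
    return base64.b64encode(config.encode("utf-8")).decode("ascii")


# Constructed sample (not from the article); values and argument order are illustrative.
SAMPLE = """config system admin
    edit "bootstrap"
        set password ExamplePlaceholder1
    next
end
execute restore ips ftp ips.pkg 192.0.2.10 user ExamplePlaceholder2
"""

if __name__ == "__main__":
    for number, finding in audit_custom_data(SAMPLE):
        print(f"line {number}: {finding}")
```
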
