Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
AnthonyH
Staff
Staff

Created on ‎07-15-2025 09:58 PM

Article Id 400448

Technical Tip: Installing FortiManager KVM on EVE-NG and connecting it to FortiGate KVM's Security Fabric

Description This article describes how to deploy FortiManager KVM image on EVE-NG and connect it to the FortiGate.
Scope FortiManager, FortiGate.
Solution

Pre-Requisites:

 

Additionally, in this lab setup, FortiManager is registered to FortiCloud and FortiManager is licensed and has internet connectivity:

  1. Download FortiManager KVM images from https://support.fortinet.com -> Support -> Firmware Download -> select 'FortiManager' as the product -> Download -> v7.00 -> v7.2 -> v7.2.0 -> FGT_VM64_KVM-v7.2.0.F-build1157-FORTINET.out.kvm.zip.
  2. Utilize WinSCP to create a new folder under /opt/unetlab/addons/qemu/ and upload the zip file. The folder's naming format should follow 'fortinet-'. In the example, fortinet-FMG-v7.2.0-build1124 is used, and 'fortinet-FMG-v7.2.0-build1124' was uploaded to the folder.

 

FMG.JPG

 

  1. CD into the folder using VMware Console, change the file's name to virtioa.qcow2, create a second hard drive called virtiob.qcow2 (100GB is given in this example) and fix the permissions using the following commands:

 

root@eve-ng: cd /opt/unetlab/addons/qemu/fortinet-FMG-v7.2.0-build1124

root@eve-ng:/opt/unetlab/addons/qemu/fortinet-FMG-v7.2.0-build1124# mv fortios.qcow2 virtioa.qcow2

root@eve-ng:/opt/unetlab/addons/qemu/fortinet-FMG-v7.2.0-build1124# /opt/qemu/bin/qemu-img create -f qcow2 virtiob.qcow2 100G

root@eve-ng:/opt/unetlab/addons/qemu/fortinet-FMG-v7.2.0-build1124# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

 
  1. Deploy FortiManager to the EVE-NG lab as follows:

FMG5.JPG

 

  1. Deploy the FortiGate and connect cables to FortiManager.

 

FMG3.JPG

 

  1. After turning on both devices, connect to FortiManager through PuTTY. Initially, to log in, the credentials for the username are 'admin' and no password.
  2. On FortiManager, set an IP on the interface within the same subnet as FortiGate.

 

FMG6.JPG

 

  1. On FortiGate, set an IP on the interface and enable 'fgfm'.

 

FMG8.JPG

 

  1. On the FortiGate, navigate to Security Fabric -> Fabric Connectors -> FortiManager, and set FortiManager's IP address. Or in FortiManager, navigate to Device Manager -> Add Device,  and set the FortiGate IP address. Authorize the device either in FortiGate or FortiManager.

 

In FortiGate:

 

FMG9.JPG

Or in FortiManager:

 

FMG12.JPG

 

  1. In FortiManager, the FortiGate is online and synchronized, and in FortiGate, the connection is up and registered.

 

FMG11.JPG

 

FMG13.JPG
438
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.