Help
FortiSandbox
FortiSandbox provides a solution to protect against advanced threats and ransomware for companies who don’t want to implement and maintain a sandbox environment on their own.
juanfire19
Staff
Staff

Created on ‎02-20-2023 09:32 PM

Article Id 246529

Tecnical Tip: Windows/macOS/LinuxOT VM license activation

Description This article describes how to activate windows/macOS/Linux licenses for FortiSandbox usage purposes.
Scope FortiSandbox 3.2.x and later.
Solution

1) In the Fortisandbox GUI, configure a proper DNS server under system -> DNS.

This server must be able to go the internet and therefore a default route will be required.

 

2) In the CLI, enable the following debug that will show the activation process of VMs in real-time:

 

# diagnose-debug vminit

 

3) In the GUI, go to Scan Policy and Object. if the required images are already downloaded, go to 5) directly.

 

4) To install VM images from scratch, there are two possible ways, over GUI or CLI.

Internet connectivity and access to FortiGuard servers are required:

- Go to Scan Policy and Object, below 'Status'  the size of each VM's image will be visible, and if you select it, an automatic download will start.

- Open an SSH session and perform the following steps:

 

Download the Base Package with all Images.

Execute the Following Command:

 

# fw-upgrade -v -sfsavm.fortinet.net -tftp -f/images/v3.00/general_base.pkg

 

In case executing the following command, there is an output saying the destination file is too Small:


# test-nework

 

In case something fails with the network, follow the referred links in order to troubleshoot a network issue with Fortinet's server:

https://docs.fortinet.com/document/fortisandbox/3.1.0/administration-guide/161156/fortiguard

 

Both Port 1 & Port 3 need to have Internet access.

 

Download Windows 10 w Office 2016.

It is possible to download the Windows 10 x64 with Office 2016 directly from the device by raising an SSH Connection and executing the Following Command:


fw-upgrade -v -sfsavm.fortinet.net -tftp -f/images/v3.00/WIN10X64VMO16_3.pkg

 

It is possible to download the Windows 10 x64 with Office 2016 and then from an FTP Server Upload it to the unit manually by executing the below command:
- Download package to the PC: ftp://fsavm.fortinet.net/images/v3.00/WIN10X64VMO16_3.pkg


2) fw-upgrade -v -s<IP> -tftp -u<User> -p<Password> -f<Path of Package>


Example:

 

fw-upgrade -v -s10.10.10.10 -tftp -utest -ptest -f/WIN10X64VMO16_3.pkg

 

Note that the manual process to download the package and upload the file to the Unit by using an FTP server is not supported by TAC team.

 

5) Once the licenses were validated under the Forticare account, go to Scan Policy and Object, select the desired VM to be activated and select the option 'Edit clone number', change the value from 0 to 1, press enter, and apply the changes.

On the debug, a messages which indicates the VM activation will appear:

 

timestamp of VM clone number has been changed.

timestamp of VM profile has been changed.

VM clone number has been changed. WIN7X86VMO16E 0 -> 1

VM clone number has been changed.

VMMGRD: Clean job done.

VMinit has been launched.

Start initializing VM images

 

To have a better view of the logs generated, on the  GUI go to Log&report -> events -> VM events.
87
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.​

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2023 Fortinet, Inc. All Rights Reserved.