Hi,
I have been assgined to deploy a Frotigate VM, i have created the VM successfully but im having a confusion on how to create interfaces for fortigate, and how to connect it to the Virtualised Environment.
The Topology looks like this, its very straight froward setup.
a WAN Link going to terminate on the Physical Server, which in trun will be fortigate WAN interface, my question is how to create the Interfaces for the LAN, which will be connected to the webservers. (pls find the diagram attached.)
Hello,
When you deploy the .ovf file of the FortiGate-VM, 10 network interfaces are automatically assigned to the VM.
Network 1-10 is mapped to port1 - 10 on the FortiGate-VM. First to configure Layer 2, edit the settings of the VM, and change the Destination Network to the correct vswitch nic or vlan (i assume you know about how to configure those). So lets say Network 1 is mapped to WAN and Network 2 is mapped to LAN.
Then to configure Layer 3: open up the console of the FG-VM and configure the interfaces:
# config system interface
# edit port1
# set ip <WAN IP> <network mask>
# set allowaccess ping
# next
# edit port2
# set ip <LAN IP> <network mask>
# set allowaccess ping ssh http https snmp (whatever services you want to enable)
#end
Also note that the FG-VM needs to check its license at the FortiGuard cloud services. To do so a default route needs to be configured and it needs to be able to resolve DNS queries. By default the Fortinet DNS servers are used. Add default route:
# config router static
# edit 0
# set device port1
# set gateway <next hop for WAN, e.g. WAN router>
# end
These examples could change if there are actually multiple/different lan networks in the virtualised environment you connect to. So are the servers all located in the same network? What is the current gateway for those virtual networks or is this a new deployment?
More info at http://docs.fortinet.com/uploaded/files/2324/fortigate-vm-install-52.pdf
Thanks for the Reply.
Is transparent mode in the VM is the same on the Physical box, or its different?
Thanks again
I've just created VMs using v5.4.3 ova and I got only mgnt and 2 ports on my Fusion.
Fortimanager 5.4.5 ova created 4 ports.
How can I add more interfaces to FGT vm ? I've tried to just add it thru Fusion and tested with the VMWare's default e1000 and also with the VMXNET3, the type used by ova. None worked.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.