Administration Guide

Adding an endpoint to an AWS instance

An endpoint is added to your VPC to route traffic to and from the FortiGate CNF instance.

To add an endpoint to an AWS instance:
  1. In CNF Instances, select an instance and click Edit.

  2. Click Configure Endpoints.

  3. In the table, click New.

  4. Enter a name for the endpoint, then select the appropriate AWS account.

  5. In VPC ID, select the VPC to connect to.

  6. In Subnet, select a subnet.

    Tooltip

    AWS subnets must be created and tagged in AWS before they are available in this form.

    In AWS, create a subnet in this VPC and tag it with Key = fortigatecnf_subnet_type and Value = endpoint.

  7. Click Save. FortiGate CNF creates the endpoint, which may take several minutes. The status of the instance displays as Active when this process is complete.

    Note

    You may create any number of endpoint subnets, allowing for multiple workloads to be protected by the same FortiGate CNF instance. If a different policy set is needed for an endpoint, create a new FortiGate CNF instance with the needed policy set for that endpoint.
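The subnet prerequisite in step 6 can be checked before opening the form. The script below is an added example, not part of the Fortinet guide: it reads output in the shape returned by `aws ec2 describe-subnets` and reports which subnets of a VPC carry the required tag. The sample data, subnet and VPC IDs are constructed, and the exact-match rule is an assumption based on AWS tag keys and values being case-sensitive.

```python
import json

TAG_KEY = "fortigatecnf_subnet_type"   # key required by the guide
TAG_VALUE = "endpoint"                 # value required by the guide

# Constructed sample in the shape of `aws ec2 describe-subnets` output.
SAMPLE = json.loads("""
{"Subnets": [
  {"SubnetId": "subnet-0aaa", "VpcId": "vpc-0111",
   "Tags": [{"Key": "fortigatecnf_subnet_type", "Value": "endpoint"}]},
  {"SubnetId": "subnet-0bbb", "VpcId": "vpc-0111",
   "Tags": [{"Key": "FortigateCNF_Subnet_Type", "Value": "endpoint"}]},
  {"SubnetId": "subnet-0ccc", "VpcId": "vpc-0111",
   "Tags": [{"Key": "fortigatecnf_subnet_type", "Value": "endpoint "}]},
  {"SubnetId": "subnet-0ddd", "VpcId": "vpc-0111"},
  {"SubnetId": "subnet-0eee", "VpcId": "vpc-0222",
   "Tags": [{"Key": "fortigatecnf_subnet_type", "Value": "endpoint"}]}
]}
""")

def classify(subnet):
    """Return (status, detail) for one subnet record."""
    # Subnets with no tags at all have no "Tags" field in the output.
    tags = {t["Key"]: t["Value"] for t in subnet.get("Tags", [])}
    if tags.get(TAG_KEY) == TAG_VALUE:
        return "ready", ""
    # Look for a tag that was clearly meant to be the required one.
    for key, value in tags.items():
        if key.strip().lower() == TAG_KEY:
            if key != TAG_KEY:
                return "near-miss", f"key {key!r} differs in case or whitespace"
            return "near-miss", f"value {value!r} is not exactly {TAG_VALUE!r}"
    return "untagged", ""

def audit(describe_output, vpc_id):
    """Map subnet ID -> (status, detail) for the subnets of one VPC."""
    return {s["SubnetId"]: classify(s)
            for s in describe_output["Subnets"] if s["VpcId"] == vpc_id}

if __name__ == "__main__":
    for subnet_id, (status, detail) in audit(SAMPLE, "vpc-0111").items():
        print(f"{subnet_id}: {status} {detail}".rstrip())
```

To run it against a real account, replace SAMPLE with the parsed JSON from `aws ec2 describe-subnets` and pass the VPC ID chosen in step 5.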

Tags created

When an AWS endpoint is added, the following tags are created in the AWS account where the FortiGate CNF instance is deployed:

  Tag         Sample value
  Region      us-west-2
  CNFId       2735
  ManagedBy   FortiGate CNF
  CNFName     AWS CNF example
  Name        beta-c43-s2735-endpoint-subnet-0d1ce21403369975c
