Fortinet Document Library

Version: 6.0.0

Configuring the FortiGate-VM

  1. Log into the FortiGate-VM GUI using the default admin account. The default admin account has the username "admin" and no password. The license activation screen appears.
  2. Select Choose File, select your license file, and select OK. The system restarts. After a few minutes, the login screen appears. Log back into the FortiGate-VM.
  3. Using your terminal, enter the following commands to log into the server and enable disk logging:

    ssh -i ./Fortinet-AWS-Keypair.pem admin@
    FortiGate-VM64-AWS # execute update-now
    FortiGate-VM64-AWS # execute formatlogdisk

  4. Go to System > Admin > Administrators and edit the default admin account. Select Change Password and enter a new password.
  5. Go to System > Network > Interfaces and edit an internal interface (in the example, port2). Set Addressing mode to DHCP. This port's IP address has changed to the IP address that you entered using the terminal (in the example, 10.0.1.5).

  6. Go to Firewall Objects > Virtual IPs > Virtual IPs and create a new virtual IP address that maps RDP (TCP port 3389) to a Windows server that you deploy in the next step.

  7. Go to Policy > Policy > Policy and create a new policy allowing traffic from the Internet-facing interface to the internal interface.

  8. Create a second policy allowing traffic from the internal interface to the Internet-facing interface.
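
Steps 6 to 8 expressed as FortiOS CLI configuration, as an added example that is not part of the original Fortinet procedure. It assumes port1 is the Internet-facing interface; the object names `rdp-to-windows` and `rdp-admins` are hypothetical, the values in angle brackets are placeholders, and the source-address restriction and logging on the inbound policy are assumptions. Lines beginning with `#` are annotations and are not meant to be pasted.

```fortios
# Step 6: virtual IP that forwards TCP 3389 to the Windows server
config firewall vip
    edit "rdp-to-windows"
        set extintf "port1"
        set extip <port1-private-ip>
        set mappedip <windows-server-private-ip>
        set portforward enable
        set protocol tcp
        set extport 3389
        set mappedport 3389
    next
end

# Assumption: address object for the networks allowed to reach RDP
config firewall address
    edit "rdp-admins"
        set subnet <admin-source-network> <netmask>
    next
end

config firewall policy
    # Step 7: Internet-facing -> internal, limited to the VIP and the RDP service
    edit 0
        set srcintf "port1"
        set dstintf "port2"
        set srcaddr "rdp-admins"
        set dstaddr "rdp-to-windows"
        set action accept
        set schedule "always"
        set service "RDP"
        set logtraffic all
    next
    # Step 8: internal -> Internet-facing, source NAT to the port1 address
    edit 0
        set srcintf "port2"
        set dstintf "port1"
        set srcaddr "all"
        set dstaddr "all"
        set action accept
        set schedule "always"
        set service "ALL"
        set nat enable
    next
end
```

Using the VIP as the destination address and RDP as the service keeps the inbound policy from matching any traffic other than the forwarded port.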
