Fortinet black logo

Azure vWAN SD-WAN NGFW Deployment Guide

Home FortiGate Public Cloud 7.4.0 Azure vWAN SD-WAN NGFW Deployment Guide
7.4.0
7.4.0
7.2.0

Deploying vWAN on Azure

Deploying vWAN on Azure

Following is a summary of the steps required to deploy virtual WAN on Azure:

  1. On Azure Marketplace, deploy Azure vWAN. See Creating the Azure virtual WAN.
  2. On Azure Marketplace, deploy Azure vWAN hub. See Creating the virtual WAN hub.
  3. On the Azure portal, peer an Azure virtual network (VNET) to the virtual WAN hub. See Peering a vNET to the virtual WAN hub.
  4. On Azure Marketplace, deploy FortiGates network virtual appliances (NVAs). See Deploying FortiGate NVAs in vWAN hub.
  5. On the Azure portal, enable the routing policy. See Enabling Azure routing policy.
  6. On FortiManager, authorize the FortiGate NVAs for management by FortiManager. See Authorizing FortiGate NVAs on FortiManager.

    When managing branch devices for SD-WAN, ensure that branch devices are in a separate device group in FortiManager. See Adding FortiGate branch devices to device groups.

  7. On FortiManager, apply the license to the FortiGate NVAs. See Licensing FortiGate NVAs on FortiManager.
  8. On FortiManager, configure the static routes for each FortiGate NVA. See Configuring static routes and enabling BGP on FortiGate NVAs.
  9. On FortiManager, configure remote logging for the FortiGate NVAs. See Configuring remote logging on NVA FortiGates.
  10. On FortiManager, enable FGSP on the FortiGate NVAs. See Configuring FGSP on FortiGate NVAs (CLI).
Previous
Next

Deploying vWAN on Azure

Following is a summary of the steps required to deploy virtual WAN on Azure:

  1. On Azure Marketplace, deploy Azure vWAN. See Creating the Azure virtual WAN.
  2. On Azure Marketplace, deploy Azure vWAN hub. See Creating the virtual WAN hub.
  3. On the Azure portal, peer an Azure virtual network (VNET) to the virtual WAN hub. See Peering a vNET to the virtual WAN hub.
  4. On Azure Marketplace, deploy FortiGates network virtual appliances (NVAs). See Deploying FortiGate NVAs in vWAN hub.
  5. On the Azure portal, enable the routing policy. See Enabling Azure routing policy.
  6. On FortiManager, authorize the FortiGate NVAs for management by FortiManager. See Authorizing FortiGate NVAs on FortiManager.

    When managing branch devices for SD-WAN, ensure that branch devices are in a separate device group in FortiManager. See Adding FortiGate branch devices to device groups.

  7. On FortiManager, apply the license to the FortiGate NVAs. See Licensing FortiGate NVAs on FortiManager.
  8. On FortiManager, configure the static routes for each FortiGate NVA. See Configuring static routes and enabling BGP on FortiGate NVAs.
  9. On FortiManager, configure remote logging for the FortiGate NVAs. See Configuring remote logging on NVA FortiGates.
  10. On FortiManager, enable FGSP on the FortiGate NVAs. See Configuring FGSP on FortiGate NVAs (CLI).
Previous
Next