Creating Security Group
A security group is a set of firewall rules that control the traffic for your VM instances. By default, Amazon places your VPC behind a basic firewall: when you create a VPC, a default security group protects the instances in it. It's recommended to create a custom security group, then add inbound rules that allow traffic on the specified ports.
To create a security group:
- Open the Amazon VPC console at https://console.aws.amazon.com/vpc/.
- In the navigation pane, choose Security Groups.
- Choose Create Security Group.
- Enter a name for the security group (for example, FWB-Manager-group) and provide a description. Select the ID of your VPC from the VPC menu and choose Yes, Create.
To add inbound rules:
- Select the security group you have created.
- On the Inbound Rules tab, choose Edit. Click Add another rule. In the Type menu, choose Custom TCP Rule. Fill in the form, then click Save to save the rules.
In order for FortiWeb Manager-VM to connect and run properly, it's recommended to add the following inbound rules.
Set the Protocol and Port range as shown in the table; set the source as 0.0.0.0/0 or ::/0 to allow access to the specified ports from all IPv4 or IPv6 addresses.

| Protocol | Port range | Purpose |
| --- | --- | --- |
| TCP | 80 | Allow inbound HTTP access to FortiWeb Manager GUI from all IPv4 and IPv6 addresses. Add this rule if you want to access FortiWeb Manager-VM through GUI. You can set the port range according to your own needs. |
| TCP | 443 | Allow inbound HTTPS access to FortiWeb Manager GUI from all IPv4 and IPv6 addresses. Add this rule if you want to access FortiWeb Manager-VM through GUI. You can set the port range according to your own needs. |
| TCP | 22 | Allow inbound SSH access from all IPv4 and IPv6 addresses. Add this rule if you want to access FortiWeb Manager-VM through CLI. You can set the port range according to your own needs. |
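
To review the group after saving the rules, the following added example (not Fortinet's or AWS's code) compares a security group's inbound rules with the ports in the table above and reports which sources each port accepts. It assumes the rules are in the `IpPermissions` shape returned by EC2 `DescribeSecurityGroups`; the function names, the sample group and its `sg-EXAMPLE` ID are constructed for illustration.

```python
import ipaddress

# TCP ports from the table on this page, with their purpose.
REQUIRED_PORTS = {80: "HTTP GUI", 443: "HTTPS GUI", 22: "SSH CLI"}
ANY_SOURCE = {"0.0.0.0/0", "::/0"}

# Constructed sample in the DescribeSecurityGroups shape; the ID and the
# 203.0.113.0/24 (documentation range) source are placeholders.
SAMPLE_GROUP = {
    "GroupId": "sg-EXAMPLE",
    "GroupName": "FWB-Manager-group",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 8000, "ToPort": 9000,  # not in the table
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    ],
}

def sources(perm):
    """Return every IPv4 and IPv6 CIDR one permission entry allows, normalised."""
    cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return [str(ipaddress.ip_network(c, strict=False)) for c in cidrs]

def covers(perm, port):
    """True if the entry allows TCP to `port`; "-1" means all protocols and ports."""
    if perm.get("IpProtocol") == "-1":
        return True
    return (perm.get("IpProtocol") == "tcp"
            and perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535))

def audit(group):
    """Report allowed sources per required port, plus rules outside the table."""
    perms = group.get("IpPermissions", [])
    report = {"ports": {}, "extra": []}
    for port in REQUIRED_PORTS:
        allowed = sorted({c for p in perms if covers(p, port) for c in sources(p)})
        report["ports"][port] = {"open_to_any": bool(ANY_SOURCE & set(allowed)),
                                 "sources": allowed}
    report["extra"] = [(p.get("FromPort"), p.get("ToPort"), sources(p))
                       for p in perms if not any(covers(p, n) for n in REQUIRED_PORTS)]
    return report
```

With real data, pass each element of the `SecurityGroups` list from `aws ec2 describe-security-groups` output to `audit`.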