Fortinet black logo

FortiWeb-VM on Hyper-V

Home FortiWeb Private Cloud FortiWeb-VM on Hyper-V

Configuring the vNetwork for the transparent modes

Configuring the vNetwork for the transparent modes

The default vNetwork configuration does not function with FortiWeb bridges (V-zones), which you use if you deploy your FortiWeb-VM in either true transparent proxy or Transparent Inspection operation mode.

To support the transparent modes, you must:

  • ensure a total of at least three network cards are available to Hyper-V
  • add 2 vSwitches for the bridge: one for the web server side, and one for the client side
  • map the new vSwitches to a network adapter (vNIC)

Similar to a deployment that does not use virtual machines, connections between clients and servers are piped through the two vSwitches that comprise the bridge, with FortiWeb-VM in between them.

To create a vSwitch
  1. In the Hyper-V Manager, under Actions, click Virtual Switch Manager.
  2. Under Virtual Switches, click New virtual network switch, click External, and then click Create Virtual Switch.
  3. Under Virtual Switch Properties, for Name, enter a network label that identifies the port group.

    4. For example, Client-Side-vSwitch1.

    For all other settings, use the default values.

  4. Click OK.
  5. Repeat this procedure to create the other vSwitch.

    6. For example, create a vSwitch with the name Server-Side-vSwitch2.

  6. In the list of virtual machines, select the FortiWeb-VM machine, and then click Settings.
  7. Under Hardware, for the second and third Adaptor items, select the virtual switches you created earlier.

    8. For example, select Client-Side-vSwitch1 and Server-Side-vSwitch2.

  8. Click OK.
  9. Later, when you configure FortiWeb-VM, add port2 and port3 (or whichever FortiWeb ports correspond to the vSwitches you created in this procedure) to the bridge (V-zone).
Previous
Next

Configuring the vNetwork for the transparent modes

The default vNetwork configuration does not function with FortiWeb bridges (V-zones), which you use if you deploy your FortiWeb-VM in either true transparent proxy or Transparent Inspection operation mode.

To support the transparent modes, you must:

  • ensure a total of at least three network cards are available to Hyper-V
  • add 2 vSwitches for the bridge: one for the web server side, and one for the client side
  • map the new vSwitches to a network adapter (vNIC)

Similar to a deployment that does not use virtual machines, connections between clients and servers are piped through the two vSwitches that comprise the bridge, with FortiWeb-VM in between them.

To create a vSwitch
  1. In the Hyper-V Manager, under Actions, click Virtual Switch Manager.
  2. Under Virtual Switches, click New virtual network switch, click External, and then click Create Virtual Switch.
  3. Under Virtual Switch Properties, for Name, enter a network label that identifies the port group.

    4. For example, Client-Side-vSwitch1.

    For all other settings, use the default values.

  4. Click OK.
  5. Repeat this procedure to create the other vSwitch.

    6. For example, create a vSwitch with the name Server-Side-vSwitch2.

  6. In the list of virtual machines, select the FortiWeb-VM machine, and then click Settings.
  7. Under Hardware, for the second and third Adaptor items, select the virtual switches you created earlier.

    8. For example, select Client-Side-vSwitch1 and Server-Side-vSwitch2.

  8. Click OK.
  9. Later, when you configure FortiWeb-VM, add port2 and port3 (or whichever FortiWeb ports correspond to the vSwitches you created in this procedure) to the bridge (V-zone).
Previous
Next