Fortinet Document Library

Version: 6.0.0

Configuring the FortiGate-VM

  1. Log into the FortiGate-VM GUI using the default admin account. The default admin account has the username "admin" and no password. The license activation screen appears.
  2. Select Choose File, select your license file, and select OK. The system restarts. After a few minutes, the login screen appears. Log back into the FortiGate-VM.
  3. Using your terminal, enter the following commands to log into the server and enable disk logging:

    ssh -i ./Fortinet-AWS-Keypair.pem admin@<FortiGate-VM address>
    FortiGate-VM64-AWS # execute update-now
    FortiGate-VM64-AWS # execute formatlogdisk

  4. Go to System > Admin > Administrators and edit the default admin account. Select Change Password and enter a new password.
  5. Go to System > Network > Interfaces and edit an internal interface (in the example, port2). Set Addressing mode to DHCP. This port's IP address has changed to the IP address that you entered using the terminal (in the example, 10.0.1.5).

  6. Go to Firewall Objects > Virtual IPs > Virtual IPs and create a new virtual IP address that maps RDP (TCP port 3389) to a Windows server that you deploy in the next step.

  7. Go to Policy > Policy > Policy and create a new policy allowing traffic from the Internet-facing interface to the internal interface.

  8. Create a second policy allowing traffic from the internal interface to the Internet-facing interface.
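
The following is an added example, not part of the Fortinet guide: a Python check that reads an exported configuration and flags accept policies that publish the RDP virtual IP from steps 6 and 7 to any source address. The sample configuration is constructed and abridged; the object names, policy IDs, the use of port1 as the Internet-facing interface and the mapped address are assumptions.

```python
import re

# Constructed, abridged sample (not from the guide): a CLI rendering of steps 6-8.
# Object names, policy IDs, port1 and the mapped address are assumptions.
SAMPLE_CONFIG = '''
config firewall vip
    edit "rdp-vip"
        set extintf "port1"
        set portforward enable
        set extport 3389
        set mappedip "10.0.1.10"
        set mappedport 3389
    next
end
config firewall policy
    edit 1
        set srcintf "port1"
        set dstintf "port2"
        set srcaddr "all"
        set dstaddr "rdp-vip"
        set action accept
        set service "RDP"
    next
    edit 2
        set srcintf "port2"
        set dstintf "port1"
        set srcaddr "all"
        set dstaddr "all"
        set action accept
        set service "ALL"
    next
end
'''

def parse_section(config, section):
    """Return {entry_name: {setting: value}} for one 'config <section>' block."""
    block = re.search(rf"^config {re.escape(section)}\n(.*?)^end$", config, re.S | re.M)
    entries = {}
    for name, body in re.findall(r'^\s+edit "?([^"\n]+)"?\n(.*?)^\s+next$',
                                 block.group(1) if block else "", re.S | re.M):
        entries[name] = {k: v.strip('"') for k, v in re.findall(r"^\s+set (\S+) (.+)$", body, re.M)}
    return entries

def exposed_rdp_policies(config):
    """IDs of accept policies that publish a port-3389 VIP to source 'all'."""
    vips = parse_section(config, "firewall vip")
    rdp_vips = {name for name, s in vips.items() if s.get("mappedport") == "3389"}
    return [pid for pid, s in parse_section(config, "firewall policy").items()
            if s.get("action") == "accept" and s.get("srcaddr") == "all" and s.get("dstaddr") in rdp_vips]
```

Replacing the `all` source on the inbound policy with an address object for a known administration network clears the finding.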
