Fortinet Document Library

Version:


Table of Contents

Deploying FortiAuthenticator on Azure

About FortiAuthenticator for Azure

6.2.0
Download PDF
Copy Link

Creating a FortiAuthenticator-VM

This section details how to create and launch a FortiAuthenticator-VM from Azure Marketplace.

Locate Fortinet FortiAuthenticator ID Access Management in the Microsoft Azure Marketplace:
  1. From the Microsoft Azure Portal, click Create a resource.
  2. In the search field, search for FortiAuthenticator and select Fortinet FortiAuthenticator ID Access Management.
  3. Under Fortinet FortiAuthenticator ID Access Management, click Create.
Configure the basics:
  1. In the Basics tab, under Project details, configure the following settings:
    1. For Subscription, confirm that you have selected a valid subscription from the dropdown menu.
    2. For Resource group, select Create new to create a new resource group.
      Note

      Selecting an existing resource group will often cause the deployment to fail due to the fact that Azure does not allow deployment of resources into existing resource groups that are not empty.

  2. Under Instance details, configure the following settings:
    1. For Virtual machine name, provide a name for your FortiAuthenticator-VM instance.
    2. For Region, select a region.
    3. For Availability options, select an option applicable to your use case.
    4. For Image, ensure that FortiAuthenticator VM (BYOL) is selected.
    5. For Size, select an instance type that is capable of supporting your use case for FortiAuthenticator. For recommended instance types, see Azure instance type support

  3. Under Administrator account, configure the following settings:
    1. For Authentication type, select whether the administrator will use a password or an SSH key for authentication.
    2. For Username, type an administrator username for the VM.
    3. If Password is selected for Authentication type, in the Password and Confirm Password fields, type a password for the administrator.
      Note: The username and password will be used to log into FortiAuthenticator-VM after it is deployed.
    4. If SSH public key is selected for Authentication type, in the SSH public key field, provide an RSA public key in the single-line format or the multi-line PEM format.
      For information on generating an RSA public key, see Create and use an SSH public-private key pair for Linux VMs in Azure.
      SSH Public Key selection in Azure FortiAuthenticator setup
Attach an additional disk:
  1. Click Next : Disks.
  2. Under Disk options, for OS disk type, select a disk type.
    For logging, an additional disk is needed.
  3. Under Data disks, click Create and attach a new disk.
  4. Under Create a new disk, configure the following:
    1. For Name, specify a name for the new disk.
    2. For Source type, ensure that None (empty disk) is selected.
    3. For Size, select a disk size that supports your usage patterns. For storage guidelines based on user count, see FortiAuthenticator-VM sizing guidelines in the Release Notes.
    4. Click OK.
      The new disk is added to the virtual machine.

Define network connectivity for your virtual machine:
  1. Click Next : Networking.
  2. Under Network interface, configuring the following:
    1. For Virtual network, select the default or create a new virtual network.
    2. For Subnet, select an available subnet.
    3. For Public IP, select the default.
    4. For Configure network security group, either select an existing network security group from the dropdown menu, or create a new network security group.

Configuring management options:
  1. Click Next : Management.
  2. Configure monitoring and management options for your VM as needed.
Configuring advanced options:
  1. Click Next : Advanced.
  2. Configure additional configurations, agents, scripts, or applications as needed.
Add tags:
  1. Click Next : Tags.
  2. If needed, add any tags to help you categorize your FortiAuthenticator-VM instance.
Review and create your VM:
  1. Click Next : Review + Create.
  2. Review the terms and details of your configuration.
  3. Click Create.

Deployment of the FortiAuthenticator-VM begins. The deployment process takes an average of 10 minutes to complete, but may vary. When the deployment process is finished and the FortiAuthenticator-VM is provisioned and powered up, access the FortiAuthenticator-VM to complete the post-deployment setup. See Connecting to FortiAuthenticator.

Creating a FortiAuthenticator-VM

This section details how to create and launch a FortiAuthenticator-VM from Azure Marketplace.

Locate Fortinet FortiAuthenticator ID Access Management in the Microsoft Azure Marketplace:
  1. From the Microsoft Azure Portal, click Create a resource.
  2. In the search field, search for FortiAuthenticator and select Fortinet FortiAuthenticator ID Access Management.
  3. Under Fortinet FortiAuthenticator ID Access Management, click Create.
Configure the basics:
  1. In the Basics tab, under Project details, configure the following settings:
    1. For Subscription, confirm that you have selected a valid subscription from the dropdown menu.
    2. For Resource group, select Create new to create a new resource group.
      Note

      Selecting an existing resource group will often cause the deployment to fail due to the fact that Azure does not allow deployment of resources into existing resource groups that are not empty.

  2. Under Instance details, configure the following settings:
    1. For Virtual machine name, provide a name for your FortiAuthenticator-VM instance.
    2. For Region, select a region.
    3. For Availability options, select an option applicable to your use case.
    4. For Image, ensure that FortiAuthenticator VM (BYOL) is selected.
    5. For Size, select an instance type that is capable of supporting your use case for FortiAuthenticator. For recommended instance types, see Azure instance type support

  3. Under Administrator account, configure the following settings:
    1. For Authentication type, select whether the administrator will use a password or an SSH key for authentication.
    2. For Username, type an administrator username for the VM.
    3. If Password is selected for Authentication type, in the Password and Confirm Password fields, type a password for the administrator.
      Note: The username and password will be used to log into FortiAuthenticator-VM after it is deployed.
    4. If SSH public key is selected for Authentication type, in the SSH public key field, provide an RSA public key in the single-line format or the multi-line PEM format.
      For information on generating an RSA public key, see Create and use an SSH public-private key pair for Linux VMs in Azure.
      SSH Public Key selection in Azure FortiAuthenticator setup
Attach an additional disk:
  1. Click Next : Disks.
  2. Under Disk options, for OS disk type, select a disk type.
    For logging, an additional disk is needed.
  3. Under Data disks, click Create and attach a new disk.
  4. Under Create a new disk, configure the following:
    1. For Name, specify a name for the new disk.
    2. For Source type, ensure that None (empty disk) is selected.
    3. For Size, select a disk size that supports your usage patterns. For storage guidelines based on user count, see FortiAuthenticator-VM sizing guidelines in the Release Notes.
    4. Click OK.
      The new disk is added to the virtual machine.

Define network connectivity for your virtual machine:
  1. Click Next : Networking.
  2. Under Network interface, configuring the following:
    1. For Virtual network, select the default or create a new virtual network.
    2. For Subnet, select an available subnet.
    3. For Public IP, select the default.
    4. For Configure network security group, either select an existing network security group from the dropdown menu, or create a new network security group.

Configuring management options:
  1. Click Next : Management.
  2. Configure monitoring and management options for your VM as needed.
Configuring advanced options:
  1. Click Next : Advanced.
  2. Configure additional configurations, agents, scripts, or applications as needed.
Add tags:
  1. Click Next : Tags.
  2. If needed, add any tags to help you categorize your FortiAuthenticator-VM instance.
Review and create your VM:
  1. Click Next : Review + Create.
  2. Review the terms and details of your configuration.
  3. Click Create.

Deployment of the FortiAuthenticator-VM begins. The deployment process takes an average of 10 minutes to complete, but may vary. When the deployment process is finished and the FortiAuthenticator-VM is provisioned and powered up, access the FortiAuthenticator-VM to complete the post-deployment setup. See Connecting to FortiAuthenticator.