Fortinet Document Library

Version:


Table of Contents

Azure Cookbook

Resources

Upgrade Path Tool

Azure Cookbook

6.2.0
Download PDF
Copy Link

Creating the VNet and subnets in network settings

In the Azure management portal, step 2, Network Settings and Instance, consists of configuring the following:

  • A VNet
  • Subnets
  • VM (Azure instance type)

Azure automatically populates some fields with default values. Usually, it is fine to proceed with these values and modification is not needed. These values are embedded in ARM deployment templates in the backend.

  1. Configure the VNet as follows:
    1. Name: change to the desired name. In the example, the name is FortigateProtectedVNet.
    2. Address space: by default, if this is the first FortiGate deployment in the specified resource group, the space is shown as 10.0.0.0/16. You can change this to your own space range depending on your corporate network environment. This value increments with subsequent deployments. For example, the default value for the second deployment would be 10.1.0.0/16.

  2. Click OK.
  3. Configure subnets as follows:
    1. You will see two subnets: one public-facing subnet, and another protected network subnet. These subnets belong to the VNet address space created in the previous step. By default, the public-facing subnet is 10.0.0.0/24, and the protected network subnet is 10.0.1.0/24. If you change these values, ensure they fit into the address space and that the two subnets do not overlap in the ranges, as a FortiGate instance will sit inline between the two, having two network interfaces (ports).
    2. In this example, the public-facing subnet is named PublicFacingSubnet, and the private subnet (the internal protected network) is named FortigateProtectedSubnet.
    3. If the space is within 10.0.0.0/16 and there are no existing resources in it, the FortiGates’ default private IP addresses will usually be as follows:
      • FortiGate A:
        • Port 1: 10.0.0.4 (PublicFacingSubnet)
        • Port 2: 10.0.1.4 (FortigateProtectedSubnet
      • FortiGate B:
        • Port 1: 10.0.0.5 (PublicFacingSubnet)
        • Port 2: 10.0.1.5 (FortigateProtectedSubnet
  4. Note specific IP addresses cannot be seen at this point. Once you are comfortable with the ranges, click OK.

Resources

Creating the VNet and subnets in network settings

In the Azure management portal, step 2, Network Settings and Instance, consists of configuring the following:

  • A VNet
  • Subnets
  • VM (Azure instance type)

Azure automatically populates some fields with default values. Usually, it is fine to proceed with these values and modification is not needed. These values are embedded in ARM deployment templates in the backend.

  1. Configure the VNet as follows:
    1. Name: change to the desired name. In the example, the name is FortigateProtectedVNet.
    2. Address space: by default, if this is the first FortiGate deployment in the specified resource group, the space is shown as 10.0.0.0/16. You can change this to your own space range depending on your corporate network environment. This value increments with subsequent deployments. For example, the default value for the second deployment would be 10.1.0.0/16.

  2. Click OK.
  3. Configure subnets as follows:
    1. You will see two subnets: one public-facing subnet, and another protected network subnet. These subnets belong to the VNet address space created in the previous step. By default, the public-facing subnet is 10.0.0.0/24, and the protected network subnet is 10.0.1.0/24. If you change these values, ensure they fit into the address space and that the two subnets do not overlap in the ranges, as a FortiGate instance will sit inline between the two, having two network interfaces (ports).
    2. In this example, the public-facing subnet is named PublicFacingSubnet, and the private subnet (the internal protected network) is named FortigateProtectedSubnet.
    3. If the space is within 10.0.0.0/16 and there are no existing resources in it, the FortiGates’ default private IP addresses will usually be as follows:
      • FortiGate A:
        • Port 1: 10.0.0.4 (PublicFacingSubnet)
        • Port 2: 10.0.1.4 (FortigateProtectedSubnet
      • FortiGate B:
        • Port 1: 10.0.0.5 (PublicFacingSubnet)
        • Port 2: 10.0.1.5 (FortigateProtectedSubnet
  4. Note specific IP addresses cannot be seen at this point. Once you are comfortable with the ranges, click OK.