Fortinet Document Library

Version:


Table of Contents

Azure Cookbook

Resources

Upgrade Path Tool

Azure Cookbook

6.2.0
Download PDF
Copy Link

Connecting to the FortiGate-VMs

  1. Now let’s connect to FortiGate nodes A and B. You must find the assigned public IP addresses. Navigate to the newly created resource group.
  2. Select the VM named <resource group name>-A. In this example, it is fortigateha001-A.

    FortiGate A’s public IP address can be found in its VM’s overview.

    You can also see this IP address as the LB’s public IP address “A”. In this example, the LB’s resource name is FortiGate-LB-PublicIP-A.

  3. Let's also check the existing inbound NAT configuration on the LB. Locate <resource_name>publicLB. In this example, it is fortigate001publicLB. Click Inbound NAT rules. There are four rules: FortiGate-A 443, FortiGate-A 22, FortiGate-B 443, and FortiGate-B 22. We will use 443.

  4. In your browser, navigate to https://<FortiGateA_IP_Address>. The login screen should appear. Enter the administrator username and password specified in Configuring FortiGate-VM initial parameters.

  5. If you’re using a BYOL license, upload your license (.lic) file to activate the FortiGate. The FortiGate will automatically restart. After it restarts, log in again.
  6. You should now be able to log in and see FortiGate-A’s dashboard as follows. In this example, the hostname is fortigate001-A. You can distinguish that this is FortiGate-A by the hostname. Note the look and feel may differ depending on the FortiOS version in use.

  7. Log into the FortiOS management GUI, and navigate to Network > Interfaces. Verify the private IP addresses for port1 and port2 are properly assigned.

  8. Now let’s access FortiGate B. You can find the public IP address in the LB’s public IP address “B”. In this example, the LB’s resource name is FortiGate-LB-PublicIP-B

  9. In your browser, navigate to https://<FortiGateA_IP_Address>. The login screen should appear. Enter the administrator username and password specified in Configuring FortiGate-VM initial parameters. By default, these attributes are the same as those of FortiGate A.

  10. If you’re using a BYOL license, upload your license (.lic) file to activate the FortiGate. The FortiGate will automatically restart. After it restarts, log in again.
  11. You should now be able to log in and see FortiGate B’s dashboard as follows. In this example, the hostname is fortigate001-B. You can distinguish that this is FortiGate B by the hostname. Fortinet highly encourages that FortiGate A and FortiGate B run the same FortiOS version.

    When using the Azure availability set, the two FortiGate instances’ firewall policy configurations are not automatically synchronized. You must manually force the same policy configuration on both nodes at all times.

Resources

Connecting to the FortiGate-VMs

  1. Now let’s connect to FortiGate nodes A and B. You must find the assigned public IP addresses. Navigate to the newly created resource group.
  2. Select the VM named <resource group name>-A. In this example, it is fortigateha001-A.

    FortiGate A’s public IP address can be found in its VM’s overview.

    You can also see this IP address as the LB’s public IP address “A”. In this example, the LB’s resource name is FortiGate-LB-PublicIP-A.

  3. Let's also check the existing inbound NAT configuration on the LB. Locate <resource_name>publicLB. In this example, it is fortigate001publicLB. Click Inbound NAT rules. There are four rules: FortiGate-A 443, FortiGate-A 22, FortiGate-B 443, and FortiGate-B 22. We will use 443.

  4. In your browser, navigate to https://<FortiGateA_IP_Address>. The login screen should appear. Enter the administrator username and password specified in Configuring FortiGate-VM initial parameters.

  5. If you’re using a BYOL license, upload your license (.lic) file to activate the FortiGate. The FortiGate will automatically restart. After it restarts, log in again.
  6. You should now be able to log in and see FortiGate-A’s dashboard as follows. In this example, the hostname is fortigate001-A. You can distinguish that this is FortiGate-A by the hostname. Note the look and feel may differ depending on the FortiOS version in use.

  7. Log into the FortiOS management GUI, and navigate to Network > Interfaces. Verify the private IP addresses for port1 and port2 are properly assigned.

  8. Now let’s access FortiGate B. You can find the public IP address in the LB’s public IP address “B”. In this example, the LB’s resource name is FortiGate-LB-PublicIP-B

  9. In your browser, navigate to https://<FortiGateA_IP_Address>. The login screen should appear. Enter the administrator username and password specified in Configuring FortiGate-VM initial parameters. By default, these attributes are the same as those of FortiGate A.

  10. If you’re using a BYOL license, upload your license (.lic) file to activate the FortiGate. The FortiGate will automatically restart. After it restarts, log in again.
  11. You should now be able to log in and see FortiGate B’s dashboard as follows. In this example, the hostname is fortigate001-B. You can distinguish that this is FortiGate B by the hostname. Fortinet highly encourages that FortiGate A and FortiGate B run the same FortiOS version.

    When using the Azure availability set, the two FortiGate instances’ firewall policy configurations are not automatically synchronized. You must manually force the same policy configuration on both nodes at all times.