Fortinet Document Library

Version:


Table of Contents

About FortiGate for GCP

Deploying FortiGate-VM on Google Cloud Marketplace

Deploying FortiGate-VM on Google Cloud Compute Engine

Deploying FortiGate-VM Using Google Cloud SDK

Use Case: High Availability for FortiGate on GCP

Security Fabric Connector Integration with GCP

Resources

Upgrade Path Tool
6.0.0
Copy Link

Bootstrapping FortiGate at Initial Boot-Up

This section explains how to add bootstrapping of FortiGate CLI commands and a BYOL license at the time of initial boot-up as part of Google Cloud commands.

  1. Create a text file that contains FortiGate CLI commands. In this example, let's save the file as config.txt. CRLF must be present. Therefore it is recommended to use a text editor that includes CRLF automatically. In this example, we will use the following CLI commands:

    config system global

    set timezone 03

    end

    This example sets the timezone as GMT-9 Alaska. You can replace these lines with your own set of CLI commands.

  2. You can download a license file from Customer Service & Support after registering your product code. Save the license file as a .txt file. FortiGate-VM license content resembles the following:

  3. Upload the config.txt and license files onto the Linux machine were you will run the Google Cloud SDK commands. Place the files in the same directory.
  4. Run the command as described in Using the Google Cloud SDK to Deploy FortiGate-VM, adding the following:

    --metadata-from-file "license=<license text file>,user-data=<FortiGate CLI text file>". In this example, it will be --metadata-from-file "license=license.txt,user-data=config.txt".

  5. After deployment, log into the FortiGate by accessing https://<IP_address> in your browser. The system displays the dashboard instead of a license upload window, since the license is already activated.

    To see how bootstrapping went, check if the command was successfully run. Open the CLI console and enter diag debug cloudinit show.

    If the cloud-init was run successfully, the CLI shows Finish running script with no errors. If you see an error with this diagnose command, resolve it and try again by checking the license and config.txt files. Ensure that the text file contains CRLF.

  6. Check the timezone by running config system global and get commands.

    The timezone was changed to Alaska as expected, meaning that the bootstrapping CLI command was successful. This assumes that you used the default FortiGate CLI command in step 1. If you modified the command, test it accordingly.

Resources

Bootstrapping FortiGate at Initial Boot-Up

This section explains how to add bootstrapping of FortiGate CLI commands and a BYOL license at the time of initial boot-up as part of Google Cloud commands.

  1. Create a text file that contains FortiGate CLI commands. In this example, let's save the file as config.txt. CRLF must be present. Therefore it is recommended to use a text editor that includes CRLF automatically. In this example, we will use the following CLI commands:

    config system global

    set timezone 03

    end

    This example sets the timezone as GMT-9 Alaska. You can replace these lines with your own set of CLI commands.

  2. You can download a license file from Customer Service & Support after registering your product code. Save the license file as a .txt file. FortiGate-VM license content resembles the following:

  3. Upload the config.txt and license files onto the Linux machine were you will run the Google Cloud SDK commands. Place the files in the same directory.
  4. Run the command as described in Using the Google Cloud SDK to Deploy FortiGate-VM, adding the following:

    --metadata-from-file "license=<license text file>,user-data=<FortiGate CLI text file>". In this example, it will be --metadata-from-file "license=license.txt,user-data=config.txt".

  5. After deployment, log into the FortiGate by accessing https://<IP_address> in your browser. The system displays the dashboard instead of a license upload window, since the license is already activated.

    To see how bootstrapping went, check if the command was successfully run. Open the CLI console and enter diag debug cloudinit show.

    If the cloud-init was run successfully, the CLI shows Finish running script with no errors. If you see an error with this diagnose command, resolve it and try again by checking the license and config.txt files. Ensure that the text file contains CRLF.

  6. Check the timezone by running config system global and get commands.

    The timezone was changed to Alaska as expected, meaning that the bootstrapping CLI command was successful. This assumes that you used the default FortiGate CLI command in step 1. If you modified the command, test it accordingly.