Configuring a Virtual Private Cloud Network

Configuring Virtual Private Cloud (VPC) Network

Amazon Virtual Private Cloud (VPC) allows you to define a virtual network into which you deploy your instances. This virtual network closely resembles a traditional network that you'd operate in your own data center.

Like a traditional network, your VPC will have subnets, can be configured to have internet access, and can even have a VPN connection back to your existing data center, thus extending your physical network into a cloud.

This section describes how to set up a VPC with a single public subnet, attach the VPC to the internet gateway, and then create a routing table and associate the subnet.

Creating a VPC and subnet

This section shows you how to create an AWS VPC and create a subnet. When applicable, choose settings specific to your own environment.

  1. From the AWS Management Console, under Network & Content Delivery, click VPC.
  2. Under Virtual Private Cloud, click Your VPCs, and then click Create VPC.
  3. In the Create VPC dialog box, set the following attributes for your VPC:
    1. For the Name tag field, enter a name for your VPC.
    2. For the CIDR block field, specify an IPv4 address range for your VPC.
    3. From the Tenancy drop-down list, select Default.

  4. Click Yes, Create.
    The VPC is created and appears in the list of VPCs. Take note of the Name and the VPC ID of your VPC as they will be needed later in the deployment process.
  5. Under Virtual Private Cloud, click Subnets, and then click Create subnet.
  6. On the Create Subnet page, set the following attributes for your subnet:
    1. For the Name tag field, enter a name.
    2. From the VPC drop-down list, select your VPC.
    3. From the Availability Zone drop-down list, select No Preference.
    4. For the CIDR block field, specify an IPv4 address range.

  7. Click Create.
    The subnet is created.
  8. Click Close.
  9. From the list of subnets, select the newly created subnet.
  10. Click Actions, and then click Modify auto assign IP settings.
  11. Select Enable auto-assign public IPv4 address, and then click Save.

Attaching the VPC to the internet gateway

This section shows you how to connect your VPC to the internet gateway. Note that if you're using the default VPC, the internet gateway should already exist.

  1. Under Virtual Private Cloud, click Internet Gateways, and then click Create internet gateway.
  2. Under Create internet gateway, in the Name tag field, enter a name for the internet gateway, and then click Create.
    The internet gateway is created. Note that the internet gateway state is detached.
  3. Click Close.
  4. From the list of internet gateways, select the newly created internet gateway.
  5. Click Actions, and then click Attach to VPC.
  6. On the Attach to VPC page, from the VPC drop-down list, select your VPC.
  7. Click Attach.
    The state of the internet gateway changes to attached. Your VPC is attached to the internet gateway.

Creating a routing table

This section shows you how to create a route to allow all outbound traffic from the FortiAuthenticator to use the selected internet gateway.

  1. Under Virtual Private Cloud, click Route Tables.
  2. From the list of route tables, select the route table associated with your VPC.
  3. Click the Routes tab, and then click Edit.
    Add another route to allow all outbound traffic to use the selected gateway. You can also enter a particular IP/Mask combination to restrict outgoing traffic to a specific value.
  4. Click Add another route.
  5. In the Destination field, type 0.0.0.0/0.
  6. Click the Target field to load the newly created internet gateway, and then click the gateway to select it for this route.

  7. Click Save.
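A check of the finished configuration, added here as an example and not part of Fortinet's documentation: it resolves each subnet's effective route table and reports whether the subnet has an active 0.0.0.0/0 route to an internet gateway and whether it auto-assigns public IPv4 addresses. A newly created VPC has only its main route table, and any subnet without an explicit association uses it, so the default route added above also applies to subnets created later (`subnet-later` in the sample). The input is constructed data shaped like `aws ec2 describe-route-tables` and `aws ec2 describe-subnets` output; all IDs and CIDRs are placeholders.

```python
# Constructed sample data shaped like `aws ec2 describe-route-tables` and
# `aws ec2 describe-subnets` output; every ID and CIDR is a placeholder.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main", "VpcId": "vpc-example",
     "Associations": [{"Main": True}],
     "Routes": [
         {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
         {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example", "State": "active"}]},
    {"RouteTableId": "rtb-private", "VpcId": "vpc-example",
     "Associations": [{"Main": False, "SubnetId": "subnet-db"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}]},
]
SUBNETS = [
    {"SubnetId": "subnet-fac", "VpcId": "vpc-example", "MapPublicIpOnLaunch": True},
    {"SubnetId": "subnet-later", "VpcId": "vpc-example", "MapPublicIpOnLaunch": False},
    {"SubnetId": "subnet-db", "VpcId": "vpc-example", "MapPublicIpOnLaunch": False},
]

def effective_route_table(subnet, route_tables):
    """Explicit association wins; otherwise the VPC's main route table applies."""
    main = None
    for rtb in route_tables:
        if rtb["VpcId"] != subnet["VpcId"]:
            continue
        for assoc in rtb.get("Associations", []):
            if assoc.get("SubnetId") == subnet["SubnetId"]:
                return rtb
            if assoc.get("Main"):
                main = rtb
    return main

def has_igw_default_route(rtb):
    """True when an active 0.0.0.0/0 route targets an internet gateway."""
    return any(r.get("DestinationCidrBlock") == "0.0.0.0/0"
               and r.get("GatewayId", "").startswith("igw-")
               and r.get("State") == "active" for r in rtb.get("Routes", []))

def audit(subnets, route_tables):
    """Map subnet ID to (route table ID, internet routed, auto-assign public IP)."""
    report = {}
    for s in subnets:
        rtb = effective_route_table(s, route_tables)
        routed = rtb is not None and has_igw_default_route(rtb)
        report[s["SubnetId"]] = (rtb and rtb["RouteTableId"], routed,
                                 s.get("MapPublicIpOnLaunch", False))
    return report

for subnet_id, row in audit(SUBNETS, ROUTE_TABLES).items():
    print(subnet_id, *row)
```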
