Fortinet black logo

Configuring a Virtual Private Cloud

Copy Link
Copy Doc ID f40661d9-a990-11e9-81a4-00505692583a:445357
Download PDF

Configuring a Virtual Private Cloud

Amazon Virtual Private Cloud (VPC) allows you to define a virtual network into which you deploy your instances. This virtual network closely resembles a traditional network that you'd operate in your own data center.

Like a traditional network, your VPC will have subnets, can be configured to have internet access, and can even have a VPN connection back to your existing data center, thus extending your physical network into a cloud.

This section describes how to set up a VPC with a single public subnet, attach the VPC to the internet gateway, and then create a routing table and associate the subnet.

Creating a VPC and subnet

This section shows you how to create an AWS VPC and create a subnet. When applicable, choose settings specific to your own environment.

  1. From the AWS Management Console, under Network & Content Delivery, click VPC.
  2. In the navigation pane, under Virtual Private Cloud, click Your VPCs.
  3. Click Create VPC.
  4. On the Create VPC page, set the following attributes for your VPC:
    1. For the Name tag field, enter a name for your VPC.
    2. For the IPv4 CIDR block field, specify an IPv4 address range for your VPC.
    3. From the Tenancy drop-down list, select Default.

  5. Click Create.
    The VPC is created. Take note of the Name and VPC ID as they will be needed later in the deployment process.
  6. Click Close.
  7. In the navigation pane, under Virtual Private Cloud, click Subnets.
  8. Click Create subnet.
  9. On the Create subnet page, set the following attributes for your subnet:
    1. For the Name tag field, enter a name.
    2. From the VPC drop-down list, select your VPC.
    3. From the Availability Zone drop-down list, select No Preference.
    4. For the IPv4 CIDR block field, specify an IPv4 address range.

  10. Click Create.
    The subnet is created. Take note of the subnet name and subnet ID.
  11. Click Close.
  12. From the list of subnets, select the newly created subnet.
  13. Click Actions, and then click Modify auto assign IP settings.
  14. Select Enable auto-assign public IPv4 address, and then click Save.

Attaching the VPC to the internet gateway

This section shows you how to connect your VPC to the internet gateway. Note that if you are using the default VPC, the internet gateway should already exist.

  1. In the navigation pane, under Virtual Private Cloud, click Internet Gateways.
  2. Click Create internet gateway.
  3. In the Name tag field, enter a name for the internet gateway, and then click Create.
    The internet gateway is created.
  4. Click Close.
    Note that the state of the internet gateway you created is detached.
  5. From the list of internet gateways, select the newly created internet gateway.
  6. Click Actions, and then click Attach to VPC.
  7. On the Attach to VPC page, from the VPC drop-down list, select your VPC.
  8. Click Attach.
    The state of the internet gateway changes to attached. Your VPC is attached to the internet gateway.

Creating a routing table

This section shows you how to create a route to allow all outbound traffic from the FortiAuthenticator to use the selected internet gateway.

  1. In the navigation pane, under Virtual Private Cloud, click Route Tables.
  2. From the list of route tables, select the route table associated with the your VPC.
  3. Click the Routes tab, and then click Edit routes.
    Add another route to allow all outbound traffic to use the selected gateway. You can also enter a particular IP/Mask combination to restrict outgoing traffic to a specific value.
  4. Click Add route.
  5. In the Destination field, type 0.0.0.0/0.
  6. Click the Target field, click Internet Gateway, and then click your gateway to select it for this route.

  7. Click Save routes.
  8. Click Close.

Related Videos

sidebar video

Deploying FortiAuthenticator in AWS

  • 2,028 views
  • 5 years ago

Configuring a Virtual Private Cloud

Amazon Virtual Private Cloud (VPC) allows you to define a virtual network into which you deploy your instances. This virtual network closely resembles a traditional network that you'd operate in your own data center.

Like a traditional network, your VPC will have subnets, can be configured to have internet access, and can even have a VPN connection back to your existing data center, thus extending your physical network into a cloud.

This section describes how to set up a VPC with a single public subnet, attach the VPC to the internet gateway, and then create a routing table and associate the subnet.

Creating a VPC and subnet

This section shows you how to create an AWS VPC and create a subnet. When applicable, choose settings specific to your own environment.

  1. From the AWS Management Console, under Network & Content Delivery, click VPC.
  2. In the navigation pane, under Virtual Private Cloud, click Your VPCs.
  3. Click Create VPC.
  4. On the Create VPC page, set the following attributes for your VPC:
    1. For the Name tag field, enter a name for your VPC.
    2. For the IPv4 CIDR block field, specify an IPv4 address range for your VPC.
    3. From the Tenancy drop-down list, select Default.

  5. Click Create.
    The VPC is created. Take note of the Name and VPC ID as they will be needed later in the deployment process.
  6. Click Close.
  7. In the navigation pane, under Virtual Private Cloud, click Subnets.
  8. Click Create subnet.
  9. On the Create subnet page, set the following attributes for your subnet:
    1. For the Name tag field, enter a name.
    2. From the VPC drop-down list, select your VPC.
    3. From the Availability Zone drop-down list, select No Preference.
    4. For the IPv4 CIDR block field, specify an IPv4 address range.

  10. Click Create.
    The subnet is created. Take note of the subnet name and subnet ID.
  11. Click Close.
  12. From the list of subnets, select the newly created subnet.
  13. Click Actions, and then click Modify auto assign IP settings.
  14. Select Enable auto-assign public IPv4 address, and then click Save.

Attaching the VPC to the internet gateway

This section shows you how to connect your VPC to the internet gateway. Note that if you are using the default VPC, the internet gateway should already exist.

  1. In the navigation pane, under Virtual Private Cloud, click Internet Gateways.
  2. Click Create internet gateway.
  3. In the Name tag field, enter a name for the internet gateway, and then click Create.
    The internet gateway is created.
  4. Click Close.
    Note that the state of the internet gateway you created is detached.
  5. From the list of internet gateways, select the newly created internet gateway.
  6. Click Actions, and then click Attach to VPC.
  7. On the Attach to VPC page, from the VPC drop-down list, select your VPC.
  8. Click Attach.
    The state of the internet gateway changes to attached. Your VPC is attached to the internet gateway.

Creating a routing table

This section shows you how to create a route to allow all outbound traffic from the FortiAuthenticator to use the selected internet gateway.

  1. In the navigation pane, under Virtual Private Cloud, click Route Tables.
  2. From the list of route tables, select the route table associated with the your VPC.
  3. Click the Routes tab, and then click Edit routes.
    Add another route to allow all outbound traffic to use the selected gateway. You can also enter a particular IP/Mask combination to restrict outgoing traffic to a specific value.
  4. Click Add route.
  5. In the Destination field, type 0.0.0.0/0.
  6. Click the Target field, click Internet Gateway, and then click your gateway to select it for this route.

  7. Click Save routes.
  8. Click Close.