AWS Administration Guide

Configuring the FortiGate-VM


  1. Log into the FortiGate-VM GUI using the default admin account. The default admin account has the username admin and no password. The license activation screen appears.
  2. Select Choose File, select your license file, and select OK. The system restarts. After a few minutes, the login screen appears. Log back into the FortiGate-VM.
  3. Using your terminal, enter the following commands to log into the server and enable disk logging:

    ssh -i ./Fortinet-AWS-Keypair.pem admin@
    FortiGate-VM64-AWS # execute update-now
    FortiGate-VM64-AWS # execute formatlogdisk

  4. Go to System > Admin > Administrators and edit the default admin account. Select Change Password and enter a new password.
  5. Go to System > Network > Interfaces and edit an internal interface (in the example, port2). Set Addressing Mode to DHCP.
  6. This port's IP address has changed to the IP you entered using the terminal (in the example, 10.0.1.5).

  7. Go to Firewall Objects > Virtual IPs > Virtual IPs and create a new virtual IP that will map RDP (TCP port 3389) to a Windows server that will be deployed in the next step.

  8. Go to Policy > Policy > Policy and create a new policy allowing traffic from the Internet-facing interface to the internal interface.

  9. Create a second policy allowing traffic from the internal interface to the Internet-facing interface.
