Running PowerShell to deploy FortiGate-VM
The instructions assume that PowerShell is already installed on the Windows machine. For details on installing and running PowerShell, see Install Azure PowerShell on Windows with PowerShellGet.
- Log into a Windows machine and invoke the PowerShell console.
- Obtain the sample PowerShell script file from GitHub.
- You must edit the content according to your own Azure environment. The ps1 file contains comments for sections that require modification. It is recommended to edit the file using Visual Studio with the PowerShell extension installed. In the $vmsize field, enter the desired instance type based on the number of virtual CPU cores.
One of the sections you must modify is the
$vmsize
field. Enter the desired instance type here. Recommended types are the following compute-optimized instances:- Standard_F1
- Standard_F2
- Standard_F4
- Standard_F8
- Standard_F1s
- Standard_F2s
- Standard_F4s
- Standard_F8s
- Standard_F16s
- Standard_F2s_v2
- Standard_F4s_v2
- Standard_F8s_v2
- Standard_F16s_v2
- Standard_F32s_v2
- Standard_F64s_v2
- Standard_F72s_v2
Instances with over 32 vCPU require a FG-VMUL license, which can support an unlimited number of CPU cores.
- This sample file can deploy the FortiGate-VM in an existing VNet under an existing resource group. Before running the ps1 file, you must create the following Azure elements:
- A resource group
- A VNet with a subnet. If you attach more than one NIC to the FortiGate-VM, create as many subnets as the number of NICs before running the ps1 file.
- A container where you copy your FortiGate-VM image file
- A blob where you create an OS and a data disk file to launch a FortiGate-VM instance
- You must manually create security groups and route tables after deploying the FortiGate-VM, as the sample ps1 file does not create these.
- Download the FortiGate-VM vhd image:
- Go to Customer Service & Support > Download > VM Images.
- From the Select Product dropdown list, select FortiGate.
- From the Select Platform dropdown list, select Azure.
- Download the FGT_VM64_AZURE-v6-buildXXXX-FORTINET.out.hyperv.zip file.
- Unzip the downloaded file. Place the fortios.vhd file in the C:\Azure\vhds directory. You can change the path using the
$sourceVhd
parameter in the ps1 file.
- Run the ps1 file. In this example, the filename is fortigate-deploy-powershell.ps1.
- The system prompts you for a number of network instances. Enter a number between 1 and 4.
- The system prompts you to log into Azure by entering your username and password. Enter your credentials.
- The execution continues. If you encounter an error (shown in red), resolve it, manually clean up newly generated files, then retry the execution. If you do not clean up the files, the next execution attempt results in an error. Manually clean up files by doing the following:
- Remove files created in your container and blob under your storage account.
- Remove network resources created under your specified resource group.
- Diagnostic files are created under your storage account. Remove these files if they are unnecessary.
The sample ps1 file is provided for your reference. If you need to modify or author it as required by your organization, you are expected to be able to do so on your own.
Execution takes about ten minutes to complete.
- Access the FortiGate-VM after executing the ps1 file:
- Navigate to the resource group and click the specified VM name.
- Click the FortiGate-VM hostname and find its public IP address.
- In a browser, access https://<public IP address>. Enter the admin username and password specified in the ps1 file to log in.