Uploading the license and configuring network interfaces
- Go to Compute Engine > VM instances.
- Note the external IP addresses assigned to each FortiGate's unprotected network interface.
- Depending on how you provisioned the instance, you must use the instance ID or the fortigate_user_password (found in the GCP management console under VM instance details) as the password. The instance ID is represented as a number that can be found after locating the instance in the GCP Compute Engine console. Click the name of each instance and note the instance ID or the fortigate_user_password.
- Configure the primary FortiGate:
- Open a web browser window for the primary FortiGate. Go to http://<FortiGate external IP address>.
- Log in with admin as the username and the FortiGate instance ID or fortigate_user_password as the password.
FortiOS prompts you to change the admin password immediately. Change the password as required.
- Log back into the FortiGate using the admin username and the newly changed password.
- Click Upload to install the license. Upload the license. The FortiGate reboots automatically.
- Once the reboot is complete, FortiOS redirects you to the dashboard. Go to Network > Interfaces.
- FortiGate port2, port3, and port4 show no IP addresses. Edit port2:
- Under Address, ensure that Manual is selected under Addressing Mode.
- In the IP/Network Mask field, enter the IP address that GCP assigned to nic1 with a netmask of 255.255.255.255. While the 255.255.255.255 netmask may seem different from what you would expect in a typical network, it works in GCP due to the SDN capabilities of the GCP VPC.
- Click OK.
- Repeat step 10 for port3 and port4. Port3's IP address is the same as nic2 in GCP, while port4's IP address is the same as nic3 in GCP.
- Repeat steps 4-11 for the secondary FortiGate.