Fortinet black logo

GCP Administration Guide

Bootstrapping FortiGate at initial boot-up

Copy Link
Copy Doc ID 62d32ecf-687f-11ea-9384-00505692583a:92490
Download PDF

Bootstrapping FortiGate at initial bootup

This section explains how to add bootstrapping of FortiOS CLI commands and a BYOL license at the time of initial bootup as part of Google Cloud commands.

To bootstrap FortiGate at initial bootup:
  1. Create a text file that contains FortiGate CLI commands. In this example, let's save the file as config.txt. CRLF must be present. Therefore it is recommended to use a text editor that includes CRLF automatically. In this example, we will use the following CLI commands:

    config system global

    set timezone 03

    end

    This example sets the timezone as GMT-9 Alaska. You can replace these lines with your own set of CLI commands.

  2. You can download a license file from Customer Service & Support after registering your product code. Save the license file as a .txt file. FortiGate-VM license content resembles the following:

  3. Upload the config.txt and license files onto the Linux machine were you will run the Google Cloud SDK commands. Place the files in the same directory.
  4. Run the command as described in Using the Google Cloud SDK to deploy FortiGate-VM, adding the following:

    --metadata-from-file "license=<license text file>,user-data=<FortiGate CLI text file>". In this example, it will be --metadata-from-file "license=license.txt,user-data=config.txt".

  5. After deployment, log into the FortiGate by accessing https://<IP_address> in your browser. The system displays the dashboard instead of a license upload window, since the license is already activated.

    To see how bootstrapping went, check if the command was successfully run. Open the CLI console and enter diag debug cloudinit show.

    If the cloud-init was run successfully, the CLI shows Finish running script with no errors. If you see an error with this diagnose command, resolve it and try again by checking the license and config.txt files. Ensure that the text file contains CRLF.

  6. Check the timezone by running config system global and get commands.

    The timezone was changed to Alaska as expected, meaning that the bootstrapping CLI command was successful. This assumes that you used the default FortiGate CLI command in step 1. If you modified the command, test it accordingly.

Bootstrapping FortiGate at initial bootup

This section explains how to add bootstrapping of FortiOS CLI commands and a BYOL license at the time of initial bootup as part of Google Cloud commands.

To bootstrap FortiGate at initial bootup:
  1. Create a text file that contains FortiGate CLI commands. In this example, let's save the file as config.txt. CRLF must be present. Therefore it is recommended to use a text editor that includes CRLF automatically. In this example, we will use the following CLI commands:

    config system global

    set timezone 03

    end

    This example sets the timezone as GMT-9 Alaska. You can replace these lines with your own set of CLI commands.

  2. You can download a license file from Customer Service & Support after registering your product code. Save the license file as a .txt file. FortiGate-VM license content resembles the following:

  3. Upload the config.txt and license files onto the Linux machine were you will run the Google Cloud SDK commands. Place the files in the same directory.
  4. Run the command as described in Using the Google Cloud SDK to deploy FortiGate-VM, adding the following:

    --metadata-from-file "license=<license text file>,user-data=<FortiGate CLI text file>". In this example, it will be --metadata-from-file "license=license.txt,user-data=config.txt".

  5. After deployment, log into the FortiGate by accessing https://<IP_address> in your browser. The system displays the dashboard instead of a license upload window, since the license is already activated.

    To see how bootstrapping went, check if the command was successfully run. Open the CLI console and enter diag debug cloudinit show.

    If the cloud-init was run successfully, the CLI shows Finish running script with no errors. If you see an error with this diagnose command, resolve it and try again by checking the license and config.txt files. Ensure that the text file contains CRLF.

  6. Check the timezone by running config system global and get commands.

    The timezone was changed to Alaska as expected, meaning that the bootstrapping CLI command was successful. This assumes that you used the default FortiGate CLI command in step 1. If you modified the command, test it accordingly.