- On the AWS marketplace, find a FortiGate-VM listing and version available for selection. This example uses FortiGate-VM On-Demand 6.2.1, ami-0439b030915c59e67, on c5.xlarge instances. Available versions may change.
Deploying a high availability (HA) pair requires four network interfaces. Instances smaller than x.large do not support four network interfaces and do not work for this deployment type.
- Launch the FortiGate-VM through Elastic Compute Cloud.
- Deploy the VM with only one network interface with public IP address assignment enabled.
- Repeat the steps for the second VM instance in a second availability zone.
- To enable management access to the FortiGate-VMs and HA traffic flow, open the security group attached to the FortiGate-VMs:
- In the AWS console, select Security Groups.
- Click the Create Security Group button.
- Add a rule with a source of 0.0.0.0/0 for all traffic types.
- Assign the rule to all interfaces on both FortiGate-VMs. The next step in the process, Adding network interfaces and elastic IP addresses to the FortiGate-VMs, explains creating additional network interfaces. You can tighten the security group later.