Version:

Version:


Table of Contents

GCP Administration Guide

Download PDF
Copy Link

Uploading the license and configuring network interfaces

To upload the license and configure network interfaces:
  1. Go to Compute Engine > VM instances.
  2. Note the following for each FortiGate as they are configured:
    • External IP and internal addresses assigned to each FortiGate's unprotected network interface, such as Port1.

    • Internal IP addresses assigned to each FortiGate's protected network interface, such as Port2.

    • Internal IP addresses assigned to each FortiGate's heartbeat network interface, such as Port3.

    • External IP and internal addresses assigned to each FortiGate's management network interface, such as Port4.

    • Note

      Note the IP addresses of each NIC as they are configured. You use the IP addresses in Setting up FortiGate HA.

  3. Find the instance ID in the GCP console by selecting the instance that you are accessing. You use the instance ID when accessing the new FortiGate instances for the first time. For example, the username is "admin", and the password is the instance ID.
  4. Configure the primary FortiGate:
    1. Open a web browser window for the primary FortiGate. Go to http://<FortiGate external IP address>.
    2. Log in with admin as the username and the FortiGate instance ID as the password.
    3. FortiOS prompts you to change the admin password immediately. Change the password as required.
    4. Log back into the FortiGate using the admin username and the newly changed password.
    5. Click Upload to install the license. Upload the license. The FortiGate reboots automatically.
    6. Once the reboot is complete, FortiOS redirects you to the dashboard. Go to Network > Interfaces.
    7. FortiGate port2, port3, and port4 show no IP addresses. Edit port2:
      1. Under Address, ensure that Manual is selected under Addressing Mode.
      2. In the IP/Network Mask field, enter the IP address that GCP assigned to nic1 with a netmask of 255.255.255.255. While the 255.255.255.255 netmask may seem different from what you would expect in a typical network, it works in GCP due to the SDN capabilities of the GCP VPC.
      3. Click OK.
    8. Repeat step g for port3 and port4. Port3's IP address is the same as nic2 in GCP, while port4's IP address is the same as nic3 in GCP.
  5. Repeat steps 1-4 for the secondary FortiGate.

Uploading the license and configuring network interfaces

To upload the license and configure network interfaces:
  1. Go to Compute Engine > VM instances.
  2. Note the following for each FortiGate as they are configured:
    • External IP and internal addresses assigned to each FortiGate's unprotected network interface, such as Port1.

    • Internal IP addresses assigned to each FortiGate's protected network interface, such as Port2.

    • Internal IP addresses assigned to each FortiGate's heartbeat network interface, such as Port3.

    • External IP and internal addresses assigned to each FortiGate's management network interface, such as Port4.

    • Note

      Note the IP addresses of each NIC as they are configured. You use the IP addresses in Setting up FortiGate HA.

  3. Find the instance ID in the GCP console by selecting the instance that you are accessing. You use the instance ID when accessing the new FortiGate instances for the first time. For example, the username is "admin", and the password is the instance ID.
  4. Configure the primary FortiGate:
    1. Open a web browser window for the primary FortiGate. Go to http://<FortiGate external IP address>.
    2. Log in with admin as the username and the FortiGate instance ID as the password.
    3. FortiOS prompts you to change the admin password immediately. Change the password as required.
    4. Log back into the FortiGate using the admin username and the newly changed password.
    5. Click Upload to install the license. Upload the license. The FortiGate reboots automatically.
    6. Once the reboot is complete, FortiOS redirects you to the dashboard. Go to Network > Interfaces.
    7. FortiGate port2, port3, and port4 show no IP addresses. Edit port2:
      1. Under Address, ensure that Manual is selected under Addressing Mode.
      2. In the IP/Network Mask field, enter the IP address that GCP assigned to nic1 with a netmask of 255.255.255.255. While the 255.255.255.255 netmask may seem different from what you would expect in a typical network, it works in GCP due to the SDN capabilities of the GCP VPC.
      3. Click OK.
    8. Repeat step g for port3 and port4. Port3's IP address is the same as nic2 in GCP, while port4's IP address is the same as nic3 in GCP.
  5. Repeat steps 1-4 for the secondary FortiGate.