Fortinet Document Library

Version:


Table of Contents

OCI Administration Guide

7.0.0
Download PDF
Copy Link

Deploying a native mode FortiGate-VM on OCI

This guide demonstrates how to launch a native mode FortiGate-VM on OCI. This deployment consists of the following steps:

  1. Create a native mode FGT-VM64-OPC custom image.
  2. Create a FGT-VM64-OPC instance with the native mode custom image.
  3. Attach a hard disk to the FGT-VM64-OPC with iSCSI mode.
  4. Run diagnose commands.
To create a native mode FortiGate-VM custom image:
  1. Obtain the deployment image file and upload the forties.qcow2 file to OCI object storage as described in To obtain the deployment image file and place it in your bucket:. Obtain the file URL path.
  2. Import the image:
    1. Go to Compute > Custom Images. Click Import Image.
    2. In the Import Image dialog, complete the fields. In the OBJECT STORAGE URL field, enter the URL link obtained in step 1.
    3. Under OPERATING SYSTEM, select Linux.
    4. Under IMAGE TYPE, select QCOW2.
    5. Under LAUNCH MODE, select NATIVE MODE.
    6. Click Import Image. After some time, the FortiGate for OCI custom image becomes available on OCI.
To create a FortiGate-VM instance with the native mode custom image:
  1. Log into the OCI web portal. Go to Compute > Instances > Create Instance.
  2. Configure the FortiGate-VM instance:
    1. In the Name your instance field, enter the desired name for your FortiGate-VM instance.
    2. Select an availability domain (AD) for your instance.
    3. Under Choose an operating system or image source, select the image source as the image created in the previous step.
    4. Under Choose instance type, select Virtual Machine or Bare Metal Machine.
    5. Under Choose instance shape, select Change Shape and select the instance shape.
    6. Under Configure networking, select your virtual cloud network and subnet.
    7. Leave the Configure boot volume options at their default values. You can also add an SSH key file if desired.
  3. Click Create. After a few minutes, the instance is ready and running. You can access the FortiGate-VM with your SSH key or using the username "admin" and the OCID as the password.
  4. Go to the Instance Information tab for the FortiGate-VM. Verify that the instance's Launch Mode displays as NATIVE.
To attach a hard disk to the FortiGate-VM with ISCSI mode:
  1. From the navigation bar, click Attach Block Volume.
  2. Under Choose how you want to attach your block volume, select ISCSI.
  3. Leave ACCESS at the default value, READ/WRITE.
  4. Configure other options as desired.
  5. Click Attach. After a few minutes, the Instance Information page shows that the block volume was attached.
  6. Under Attached Block Volumes, go to the block volume entry, and click iSCSI Commands & Information. You can find this iSCSCI's IP address and IQN here.
  7. Log into the FortiGate and run the following commands to configure the iSCSI hard disk:

    config system iscsi

    edit "Demo-iSCSI-HD"

    set ip 169.254.2.4 set iqn "iqn.2015-12.com.oracleiaas:debf5040-260a-4a28-a00e-da172baa6698"

    next

    end

  8. Run the d hardware deviceinfo disk command to ensure that the second hard drive (50.0 GiB) is attached. The output should look like the following:

    Disk SYSTEM(boot) 46.6GiB type: ISCSI [IET Controller] dev: /dev/sda

    partition 123.0MiB, 62.0MiB free mounted: Y label: dev: /dev/sda1(boot) start: 2048

    partition 1.7GiB, 1.7GiB free mounted: Y label: dev: /dev/sda2(boot) start: 264192

    partition ref: 3 127.0MiB, 86.0MiB free mounted: N label: dev: /dev/sda3 start: 3932160

    Disk Virtual-Disk ref: 32 50.0GiB type: ISCSI [IET Controller] dev: /dev/sdc

    partition ref: 33 49.2GiB, 48.9GiB free mounted: N label: LOGUSEDX6FFE3A65 dev: /dev/sdc1 start: 2048

    Total available disks: 2 Max SSD disks: 8 Available storage disks: 1

To run diagnose commands:
  1. Run the following commands to configure the ISCSI disk:

    config system iscsi

    edit "i1"

    set ip class_ip

    set iqn string

    next

    end

  2. Run the execute iscsi logout <iscis-disk-name> command to disconnect the ISCSI disk.
  3. Run the execute iscsi login <iscis-disk-name> command to connect the ISCSI disk.

Deploying a native mode FortiGate-VM on OCI

This guide demonstrates how to launch a native mode FortiGate-VM on OCI. This deployment consists of the following steps:

  1. Create a native mode FGT-VM64-OPC custom image.
  2. Create a FGT-VM64-OPC instance with the native mode custom image.
  3. Attach a hard disk to the FGT-VM64-OPC with iSCSI mode.
  4. Run diagnose commands.
To create a native mode FortiGate-VM custom image:
  1. Obtain the deployment image file and upload the forties.qcow2 file to OCI object storage as described in To obtain the deployment image file and place it in your bucket:. Obtain the file URL path.
  2. Import the image:
    1. Go to Compute > Custom Images. Click Import Image.
    2. In the Import Image dialog, complete the fields. In the OBJECT STORAGE URL field, enter the URL link obtained in step 1.
    3. Under OPERATING SYSTEM, select Linux.
    4. Under IMAGE TYPE, select QCOW2.
    5. Under LAUNCH MODE, select NATIVE MODE.
    6. Click Import Image. After some time, the FortiGate for OCI custom image becomes available on OCI.
To create a FortiGate-VM instance with the native mode custom image:
  1. Log into the OCI web portal. Go to Compute > Instances > Create Instance.
  2. Configure the FortiGate-VM instance:
    1. In the Name your instance field, enter the desired name for your FortiGate-VM instance.
    2. Select an availability domain (AD) for your instance.
    3. Under Choose an operating system or image source, select the image source as the image created in the previous step.
    4. Under Choose instance type, select Virtual Machine or Bare Metal Machine.
    5. Under Choose instance shape, select Change Shape and select the instance shape.
    6. Under Configure networking, select your virtual cloud network and subnet.
    7. Leave the Configure boot volume options at their default values. You can also add an SSH key file if desired.
  3. Click Create. After a few minutes, the instance is ready and running. You can access the FortiGate-VM with your SSH key or using the username "admin" and the OCID as the password.
  4. Go to the Instance Information tab for the FortiGate-VM. Verify that the instance's Launch Mode displays as NATIVE.
To attach a hard disk to the FortiGate-VM with ISCSI mode:
  1. From the navigation bar, click Attach Block Volume.
  2. Under Choose how you want to attach your block volume, select ISCSI.
  3. Leave ACCESS at the default value, READ/WRITE.
  4. Configure other options as desired.
  5. Click Attach. After a few minutes, the Instance Information page shows that the block volume was attached.
  6. Under Attached Block Volumes, go to the block volume entry, and click iSCSI Commands & Information. You can find this iSCSCI's IP address and IQN here.
  7. Log into the FortiGate and run the following commands to configure the iSCSI hard disk:

    config system iscsi

    edit "Demo-iSCSI-HD"

    set ip 169.254.2.4 set iqn "iqn.2015-12.com.oracleiaas:debf5040-260a-4a28-a00e-da172baa6698"

    next

    end

  8. Run the d hardware deviceinfo disk command to ensure that the second hard drive (50.0 GiB) is attached. The output should look like the following:

    Disk SYSTEM(boot) 46.6GiB type: ISCSI [IET Controller] dev: /dev/sda

    partition 123.0MiB, 62.0MiB free mounted: Y label: dev: /dev/sda1(boot) start: 2048

    partition 1.7GiB, 1.7GiB free mounted: Y label: dev: /dev/sda2(boot) start: 264192

    partition ref: 3 127.0MiB, 86.0MiB free mounted: N label: dev: /dev/sda3 start: 3932160

    Disk Virtual-Disk ref: 32 50.0GiB type: ISCSI [IET Controller] dev: /dev/sdc

    partition ref: 33 49.2GiB, 48.9GiB free mounted: N label: LOGUSEDX6FFE3A65 dev: /dev/sdc1 start: 2048

    Total available disks: 2 Max SSD disks: 8 Available storage disks: 1

To run diagnose commands:
  1. Run the following commands to configure the ISCSI disk:

    config system iscsi

    edit "i1"

    set ip class_ip

    set iqn string

    next

    end

  2. Run the execute iscsi logout <iscis-disk-name> command to disconnect the ISCSI disk.
  3. Run the execute iscsi login <iscis-disk-name> command to connect the ISCSI disk.