Fortinet white logo
Fortinet white logo

AWS Administration Guide

Deploying FortiGate-VM active-passive HA AWS between multiple zones manually with Transit Gateway integration

Deploying FortiGate-VM active-passive HA AWS between multiple zones manually with Transit Gateway integration

This guide provides sample configuration of a manual build of an AWS Transit Gateway (TGW) with two virtual private cloud (VPC) spokes and a security VPC. The security VPC contains two FortiGate-VMs to inspect inbound and outbound traffic.

Before deploying FortiGate high availability (HA) for AWS with TGW integration, familiarity with the following AWS services is recommended:

If you are new to AWS, see Getting Started with AWS.

This deployment consists of the following steps:

  1. Creating VPCs and subnets
  2. Creating a Transit Gateway and related resources
  3. Creating an internet gateway
  4. Creating VPC route tables
  5. Deploying FortiGate-VM from AWS marketplace
  6. Adding network interfaces and elastic IP addresses to the FortiGate-VMs
  7. Configuring the FortiGate-VMs
  8. Updating the route table and adding an IAM policy
  9. Testing FortiGate-VM HA failover

Deploying FortiGate-VM active-passive HA AWS between multiple zones manually with Transit Gateway integration

Deploying FortiGate-VM active-passive HA AWS between multiple zones manually with Transit Gateway integration

This guide provides sample configuration of a manual build of an AWS Transit Gateway (TGW) with two virtual private cloud (VPC) spokes and a security VPC. The security VPC contains two FortiGate-VMs to inspect inbound and outbound traffic.

Before deploying FortiGate high availability (HA) for AWS with TGW integration, familiarity with the following AWS services is recommended:

If you are new to AWS, see Getting Started with AWS.

This deployment consists of the following steps:

  1. Creating VPCs and subnets
  2. Creating a Transit Gateway and related resources
  3. Creating an internet gateway
  4. Creating VPC route tables
  5. Deploying FortiGate-VM from AWS marketplace
  6. Adding network interfaces and elastic IP addresses to the FortiGate-VMs
  7. Configuring the FortiGate-VMs
  8. Updating the route table and adding an IAM policy
  9. Testing FortiGate-VM HA failover