Fortinet black logo

Administration Guide

Home FortiPAM 1.3.0 Administration Guide
1.3.0
1.3.0
1.2.0
1.1.2
1.1.1
1.1.0
1.0.3
1.0.2
1.0.1
1.0.0

Appendix F: Installation on Hyper-V

Appendix F: Installation on Hyper-V

Once you have downloaded the out.hyperv.zip file and extracted the package contents to a folder on your management computer/Microsoft server, you can deploy the VHD package to your MS Hyper-V environment.

To deploy FortiPAM-VM on MS Hyper-V without TPM support:
  1. Launch the Hyper-V Manager on your management computer.

    The Hyper-V Manager homepage opens.

  2. In the left tree menu, select your management computer.

    The server details page is displayed.

  3. Right-click the server/management computer and select New > Virtual Machine. Optionally, in the Action menu, select New and select Virtual Machine.

    The New Virtual Machine Wizard opens.

  4. In New Virtual Machine Wizard, click Next to create a VM with a custom configuration.

    The Specify Name and Location tab is displayed.

  5. In Specify Name and Location, enter a name for this VM, and click Next.

    The Hyper-V Manager displays the name you enter for the VM.

  6. In Specify Generation, select Generation 1, and click Next.

    Generation 1 does not support TPM. To install FortiPAM-VM on Hyper-V with TPM, see Deploying FortiPAM on Hyper-V with TPM.

  7. In Assign Memory, specify the amount of memory to allocate to this VM in Startup memory, and click Next.

    Ensure that Use Dynamic Memory for this virtual machine is unchecked.

    FortiPAM configured with less than 2 CPUs and 2048 MB of RAM works in the evaluation mode until licensed. Otherwise, a valid license is required.

  8. In Configure Networking, from the Connection dropdown, select a network adapter, and click Next.

    Each new VM includes a network adapter. You can configure the network adapter to use a virtual switch, or it can remain disconnected. You can configure more network adapters in the Settings window later.

  9. In Connect Virtual Hard Disk, select Use an existing virtual hard disk, click Browse and locate the fortipam.vhd file that you downloaded from FortiCloud, and click Next.

  10. In Completing the New Virtual Machine Wizard, the installation summary is displayed.

  11. To create the VM and close the wizard, click Finish.
  12. Right-click the VM and select Settings from the menu. Optionally, having selected the VM, in the Action menu, click Settings.

  13. In Hardware, to remove a DVD drive:
    1. Select a DVD drive in IDE Controller 1.
    2. Click Remove.
    3. Click Apply.

  14. In Hardware, to add a hard drive:
    1. Click IDE Controller 1.
    2. Select Hard Drive.

    3. Click Add.
    4. In Hard Drive, click Browse and locate the DATADRIVE1.vhd file that is in the same folder as fortipam.vhd file.
    5. Click Apply.

    6. Click OK.
  15. Repeat step 14 to add a second disk, DATADRIVE2.vhd.
  16. From the virtual machines list, right-click the FortiPAM-VM and select Start to power on the VM.
  17. Select your newly created VM and launch it.

    See FortiPAM appliance setup for CLI related settings to verify the disk usage type and set up FortiPAM.

To deploy FortiPAM-VM on MS Hyper-V with TPM support:

To use FortiPAM with TPM on a Hyper-V platform, first, you must convert the virtual hard disk from *.vhd to *.vhdx format (step 1) and then specify Generation 2 when creating a new VM (step 2). Finally, you must enable TPM on Hyper-V before powering on the VM (step 3).

  1. Converting hard disk to *.vhdx:
    1. In the left tree menu, right-click the server/management computer and select Edit Disk. Optionally, having selected the server, select Action and then select Edit Disk.

      The Edit Virtual Hard Disk Wizard opens.

    2. In the Edit Virtual Hard Disk Wizard, click Next.
    3. In Locate Virtual Hard Disk, click Browse and locate the fortipam.vhd file that you downloaded from FortiCloud, and click Next.

    4. In Choose Action, select Convert, and click Next.

    5. In Choose Action > Choose Disk Format, select VHDX, and click Next.

    6. In Choose Action > Choose Disk Type, select Dynamically expanding, and click Next.

    7. In Choose Action > Configure Disk, enter a name for the VHDX disk, click Browse to configure a location for this disk, and click Next.

    8. In Completing the Edit Virtual Hard Disk Wizard, the summary is displayed.

    9. Click Finish.
    10. Repeat steps a to i to convert DATADRIVE1.vhd and DATADRIVE2.vhd.
  2. Creating a 2nd generation Hyper-V VM:

    Follow the same procedure as detailed in Deploying FortiPAM-VM on Hyper-V without TPM, except:

    1. In Step 6, select Generation 2.

    2. In Step 9, click Browse and locate the *.vhdx file that you converted from fortipam.vhd.

    3. In step 14 (a, b, and c), click SCSI Controller, select Hard Drive, and click Add.

    4. In step 14 d, in Hard Drive, click Browse and locate the *.vhdx file for DATADRIVE1.vhd that you earlier converted in Converting hard disk to *.vhdx.

    5. Repeat steps c and d to add *.vhdx file for DATADRIVE2.vhd.

      Secure boot must be disabled before starting the VM.

      To disable secure boot:
      1. From the virtual machines list, right-click the VM and select Settings. Optionally, having select the VM, select Action and then select Settings.
      2. Go to Security and uncheck Enable Secure Boot.
      3. Click Apply.

      4. Click OK.
  3. Enabling TPM on Hyper-V:

    Ensure that TPM is set up as part of the initial configuration, i.e., before powering on the FortiPAM-VM for the first time.

    1. From the virtual machines list, right-click the VM and select Settings. Optionally, having select the VM, select Action and then select Settings.
    2. Go to Security and check Enable Trusted Platform Module. Optionally, enable Encrypt state and virtual machine migration traffic.
    3. Click Apply.

    4. Click OK.

      You can now power on your VM.

Previous
Next

Appendix F: Installation on Hyper-V

Once you have downloaded the out.hyperv.zip file and extracted the package contents to a folder on your management computer/Microsoft server, you can deploy the VHD package to your MS Hyper-V environment.

To deploy FortiPAM-VM on MS Hyper-V without TPM support:
  1. Launch the Hyper-V Manager on your management computer.

    The Hyper-V Manager homepage opens.

  2. In the left tree menu, select your management computer.

    The server details page is displayed.

  3. Right-click the server/management computer and select New > Virtual Machine. Optionally, in the Action menu, select New and select Virtual Machine.

    The New Virtual Machine Wizard opens.

  4. In New Virtual Machine Wizard, click Next to create a VM with a custom configuration.

    The Specify Name and Location tab is displayed.

  5. In Specify Name and Location, enter a name for this VM, and click Next.

    The Hyper-V Manager displays the name you enter for the VM.

  6. In Specify Generation, select Generation 1, and click Next.

    Generation 1 does not support TPM. To install FortiPAM-VM on Hyper-V with TPM, see Deploying FortiPAM on Hyper-V with TPM.

  7. In Assign Memory, specify the amount of memory to allocate to this VM in Startup memory, and click Next.

    Ensure that Use Dynamic Memory for this virtual machine is unchecked.

    FortiPAM configured with less than 2 CPUs and 2048 MB of RAM works in the evaluation mode until licensed. Otherwise, a valid license is required.

  8. In Configure Networking, from the Connection dropdown, select a network adapter, and click Next.

    Each new VM includes a network adapter. You can configure the network adapter to use a virtual switch, or it can remain disconnected. You can configure more network adapters in the Settings window later.

  9. In Connect Virtual Hard Disk, select Use an existing virtual hard disk, click Browse and locate the fortipam.vhd file that you downloaded from FortiCloud, and click Next.

  10. In Completing the New Virtual Machine Wizard, the installation summary is displayed.

  11. To create the VM and close the wizard, click Finish.
  12. Right-click the VM and select Settings from the menu. Optionally, having selected the VM, in the Action menu, click Settings.

  13. In Hardware, to remove a DVD drive:
    1. Select a DVD drive in IDE Controller 1.
    2. Click Remove.
    3. Click Apply.

  14. In Hardware, to add a hard drive:
    1. Click IDE Controller 1.
    2. Select Hard Drive.

    3. Click Add.
    4. In Hard Drive, click Browse and locate the DATADRIVE1.vhd file that is in the same folder as fortipam.vhd file.
    5. Click Apply.

    6. Click OK.
  15. Repeat step 14 to add a second disk, DATADRIVE2.vhd.
  16. From the virtual machines list, right-click the FortiPAM-VM and select Start to power on the VM.
  17. Select your newly created VM and launch it.

    See FortiPAM appliance setup for CLI related settings to verify the disk usage type and set up FortiPAM.

To deploy FortiPAM-VM on MS Hyper-V with TPM support:

To use FortiPAM with TPM on a Hyper-V platform, first, you must convert the virtual hard disk from *.vhd to *.vhdx format (step 1) and then specify Generation 2 when creating a new VM (step 2). Finally, you must enable TPM on Hyper-V before powering on the VM (step 3).

  1. Converting hard disk to *.vhdx:
    1. In the left tree menu, right-click the server/management computer and select Edit Disk. Optionally, having selected the server, select Action and then select Edit Disk.

      The Edit Virtual Hard Disk Wizard opens.

    2. In the Edit Virtual Hard Disk Wizard, click Next.
    3. In Locate Virtual Hard Disk, click Browse and locate the fortipam.vhd file that you downloaded from FortiCloud, and click Next.

    4. In Choose Action, select Convert, and click Next.

    5. In Choose Action > Choose Disk Format, select VHDX, and click Next.

    6. In Choose Action > Choose Disk Type, select Dynamically expanding, and click Next.

    7. In Choose Action > Configure Disk, enter a name for the VHDX disk, click Browse to configure a location for this disk, and click Next.

    8. In Completing the Edit Virtual Hard Disk Wizard, the summary is displayed.

    9. Click Finish.
    10. Repeat steps a to i to convert DATADRIVE1.vhd and DATADRIVE2.vhd.
  2. Creating a 2nd generation Hyper-V VM:

    Follow the same procedure as detailed in Deploying FortiPAM-VM on Hyper-V without TPM, except:

    1. In Step 6, select Generation 2.

    2. In Step 9, click Browse and locate the *.vhdx file that you converted from fortipam.vhd.

    3. In step 14 (a, b, and c), click SCSI Controller, select Hard Drive, and click Add.

    4. In step 14 d, in Hard Drive, click Browse and locate the *.vhdx file for DATADRIVE1.vhd that you earlier converted in Converting hard disk to *.vhdx.

    5. Repeat steps c and d to add *.vhdx file for DATADRIVE2.vhd.

      Secure boot must be disabled before starting the VM.

      To disable secure boot:
      1. From the virtual machines list, right-click the VM and select Settings. Optionally, having select the VM, select Action and then select Settings.
      2. Go to Security and uncheck Enable Secure Boot.
      3. Click Apply.

      4. Click OK.
  3. Enabling TPM on Hyper-V:

    Ensure that TPM is set up as part of the initial configuration, i.e., before powering on the FortiPAM-VM for the first time.

    1. From the virtual machines list, right-click the VM and select Settings. Optionally, having select the VM, select Action and then select Settings.
    2. Go to Security and check Enable Trusted Platform Module. Optionally, enable Encrypt state and virtual machine migration traffic.
    3. Click Apply.

    4. Click OK.

      You can now power on your VM.

Previous
Next