Fortinet white logo
Fortinet white logo

Azure Administration Guide

Invoking a custom ARM template

Invoking a custom ARM template

To invoke a custom ARM template:
  1. Log in to the Azure portal and go to Custom deployment.
  2. Click Build your own template in the editor.
  3. From GitHub, copy and paste the template content, or download the template file and load it into the Edit template window.

  4. Ensure that the template is shown in the screen. Click Save.

  5. Edit the parameters:
    1. Click Edit parameters.
    2. Copy and paste the parameters from GitHub, or download the file as in step 3. You can manually edit the fields.

    3. Click Save.
  6. Complete the following fields:

    Field

    Description

    Basics

    Subscription

    Enter the subscription that is entitled to purchase marketplace products of your choice. Generally, selecting a subscription that your organization has configured to not be able to purchase Azure resources is advisable. Ensure that you specify the appropriate subscription.

    Resource Group

    You must create a new resource group. Click Create New and enter a nonexistent resource group.

    Location

    From the dropdown list, select a region to deploy the FortiGate-VM and related resources.

    Settings

    Location

    Manually specify the same location as the above by entering the region.

    Admin Username

    Specify an administrator login name that can log into the FortiGate management console. Azure does not allow names such as root or admin.

    Admin Password

    Specify an administrator password with some character complexity. The password must be between 12 and 72 characters and contain at least three of the following: one lower-case character, one upper-case character, one number, and one special character.

    FortiGate Name

    Specify the FortiGate-VM instance name or FortiGate hostname that can be identified on the Azure portal.

    FortiGate Image SKU

    Leave this as-is.

    FortiGate Image version

    Select a version. Note that this version points to the one that the FortiGate marketplace listing supports. As the template may contain obsolete versions, specifying Latest is recommended.

    Instance Type

    Choose an instance type based on the number of virtual CPU cores. Recommended types are the following compute instances:

    • Standard_F1
    • Standard_F2
    • Standard_F4
    • Standard_F8
    • Standard_F1s
    • Standard_F2s
    • Standard_F4s
    • Standard_F8s
    • Standard_F16s
    • Standard_F2s_v2
    • Standard_F4s_v2
    • Standard_F8s_v2
    • Standard_F16s_v2
    • Standard_F32s_v2
    • Standard_F64s_v2
    • Standard_F72s_v2

    Instances with over 32 vCPU requires a FG-VMUL license that can support an unlimited number of CPU cores.

    Public IP New or Existing or None

    Choose New.

    Public IP Address Name

    Enter a name to distinguish the public IP address.

    Public IP Resource Group

    Ensure you specify the same resource group as entered in Basics > Resource Group above.

    Public IP Address Type

    Select Static.

    Vnet New or Existing

    Select New.

    Net Name

    Specify the same name as the resource group name.

    Vnet Address Prefix

    Specify a CIDR that does not overlap with your existing Vnet CIDRs.

    Subnet1Name

    Enter a name to distinguish the public subnet.

    Subnet1Prefix

    Specify a CIDR that belongs to the Vnet Address Prefix above.

    Subnet2Name

    Enter a name to distinguish the private/protected subnet.

    Subnet2Prefix

    Specify another CIDR that belongs to the Vnet Address Prefix above.

    Fortinet Tags

    Leave as-is.

    Artifacts Base URL

    Leave as-is.

  7. Select the I agree to the terms and conditions stated above checkbox. Click Purchase. It takes about 10-15 minutes to deploy the FortiGate-VM and related resources. If you encounter an issue, resolve the issue and retry the deployment.
  8. After successful deployment, connect to the FortiGate instance using the credentials specified above. See Connecting to the FortiGate-VM.

Invoking a custom ARM template

Invoking a custom ARM template

To invoke a custom ARM template:
  1. Log in to the Azure portal and go to Custom deployment.
  2. Click Build your own template in the editor.
  3. From GitHub, copy and paste the template content, or download the template file and load it into the Edit template window.

  4. Ensure that the template is shown in the screen. Click Save.

  5. Edit the parameters:
    1. Click Edit parameters.
    2. Copy and paste the parameters from GitHub, or download the file as in step 3. You can manually edit the fields.

    3. Click Save.
  6. Complete the following fields:

    Field

    Description

    Basics

    Subscription

    Enter the subscription that is entitled to purchase marketplace products of your choice. Generally, selecting a subscription that your organization has configured to not be able to purchase Azure resources is advisable. Ensure that you specify the appropriate subscription.

    Resource Group

    You must create a new resource group. Click Create New and enter a nonexistent resource group.

    Location

    From the dropdown list, select a region to deploy the FortiGate-VM and related resources.

    Settings

    Location

    Manually specify the same location as the above by entering the region.

    Admin Username

    Specify an administrator login name that can log into the FortiGate management console. Azure does not allow names such as root or admin.

    Admin Password

    Specify an administrator password with some character complexity. The password must be between 12 and 72 characters and contain at least three of the following: one lower-case character, one upper-case character, one number, and one special character.

    FortiGate Name

    Specify the FortiGate-VM instance name or FortiGate hostname that can be identified on the Azure portal.

    FortiGate Image SKU

    Leave this as-is.

    FortiGate Image version

    Select a version. Note that this version points to the one that the FortiGate marketplace listing supports. As the template may contain obsolete versions, specifying Latest is recommended.

    Instance Type

    Choose an instance type based on the number of virtual CPU cores. Recommended types are the following compute instances:

    • Standard_F1
    • Standard_F2
    • Standard_F4
    • Standard_F8
    • Standard_F1s
    • Standard_F2s
    • Standard_F4s
    • Standard_F8s
    • Standard_F16s
    • Standard_F2s_v2
    • Standard_F4s_v2
    • Standard_F8s_v2
    • Standard_F16s_v2
    • Standard_F32s_v2
    • Standard_F64s_v2
    • Standard_F72s_v2

    Instances with over 32 vCPU requires a FG-VMUL license that can support an unlimited number of CPU cores.

    Public IP New or Existing or None

    Choose New.

    Public IP Address Name

    Enter a name to distinguish the public IP address.

    Public IP Resource Group

    Ensure you specify the same resource group as entered in Basics > Resource Group above.

    Public IP Address Type

    Select Static.

    Vnet New or Existing

    Select New.

    Net Name

    Specify the same name as the resource group name.

    Vnet Address Prefix

    Specify a CIDR that does not overlap with your existing Vnet CIDRs.

    Subnet1Name

    Enter a name to distinguish the public subnet.

    Subnet1Prefix

    Specify a CIDR that belongs to the Vnet Address Prefix above.

    Subnet2Name

    Enter a name to distinguish the private/protected subnet.

    Subnet2Prefix

    Specify another CIDR that belongs to the Vnet Address Prefix above.

    Fortinet Tags

    Leave as-is.

    Artifacts Base URL

    Leave as-is.

  7. Select the I agree to the terms and conditions stated above checkbox. Click Purchase. It takes about 10-15 minutes to deploy the FortiGate-VM and related resources. If you encounter an issue, resolve the issue and retry the deployment.
  8. After successful deployment, connect to the FortiGate instance using the credentials specified above. See Connecting to the FortiGate-VM.