Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Azure Administration Guide

    Home FortiGate Public Cloud 6.4.0 Azure Administration Guide
    6.4.0
    7.6.0
    7.4.0
    7.2.0
    7.0.0
    6.4.0
    6.2.0

    Obtaining a FortiCare-generated license for Azure on-demand instances

    Obtaining a FortiCare-generated license for Azure on-demand instances

    New Azure on-demand and upgraded instances can retrieve a FortiGate serial number and license from FortiCare servers. Using the serial number, users can register the device to their account and start using FortiToken and FortiGate Cloud services.

    The FortiGate-VM must be able to reach FortiCare to receive a valid on-demand license. Ensure connectivity to FortiCare (https://directregistration.fortinet.com/) by checking all related setup on the virtual network, subnet, network security group, route table, public IP addresses, and so on.

    This feature is only available for FortiOS 6.4.2 and later versions.

    To verify cloudinit automatically obtained a license for a newly-deployed instance:
    # diagnose debug cloudinit show
 >> Load VM metadata document
 >> Requesting FortiCare license: FGTAZRXXXXXXXXXX
 >> VM license install succeeded. Rebooting firewall.

# diagnose debug vm-print-license 
SerialNumber: FGTAZRXXXXXXXXXX
CreateDate: Wed Jul 29 16:48:34 2020
Key: yes
Cert: yes
Key2: yes
Cert2: yes
Model: PG (20)
CPU: 2147483647 
MEM: 2147483647
			
    # execute vm-license 
PAYG license exists.

    If in a closed network, the command execution resembles the following, as the execute vm-license command attempts to get a license from FortiCare.

    # diagnose debug cloudinit show 

# diagnose debug vm-print-license
SerialNumber: FGTAZRXXXXXXXXXX
CreateDate: 1597362903
Model: PG (20)
CPU: 2147483647 
MEM: 2147483647

# execute vm-license
This operation will reboot the system !
Do you want to continue? (y/n)


Load VM metadata document
Requesting FortiCare license: FGTAZRXXXXXXXXXX

    If the FortiGate-VM connects to FortiCare successfully, the following message displays.

    VM license install succeeded. Rebooting firewall.

    To obtain a license for an upgraded instance or instance from a closed network:

    If you created the FortiGate-VM in a closed environment or it cannot reach FortiCare, the FortiGate-VM self-generates a local license as in previous FortiOS versions. You can obtain a FortiCare license, ensure that the FortiGate-VM can connect to FortiCare, then run the execute vm-license command to obtain the license from FortiCare.

    # execute vm-license 
This operation will reboot the system !
Do you want to continue? (y/n)y

Load VM metadata document
Requesting FortiCare license: FGTAZRXXXZXXXXXX
VM license install succeeded. Rebooting firewall.
    To register the serial number:
    1. Register the license using the serial number in FortiCare (see Creating a support account).
    2. Obtain the VM ID:
      • In FortiOS, run diagnose test application azd 6 and search for the VM Instance ID.
      • In Azure, run az vm show -g Resource-Group-Name -n PAYG-VM-Name --query vmId' -o tsv.

        • It may take up to an hour for the registration status to synchronize and update in the FortiOS GUI.

    3. Go Dashboard > Status and in the Licenses widget verify the FortiCare Support status.

    4. Once registration completes, you can log in to a FortiGate Cloud account and download the two free tokens that come standard with FortiGates. See Configuring FortiGate Cloud and FortiTokens.
    Previous
    Next

    Obtaining a FortiCare-generated license for Azure on-demand instances

    Obtaining a FortiCare-generated license for Azure on-demand instances

    New Azure on-demand and upgraded instances can retrieve a FortiGate serial number and license from FortiCare servers. Using the serial number, users can register the device to their account and start using FortiToken and FortiGate Cloud services.

    The FortiGate-VM must be able to reach FortiCare to receive a valid on-demand license. Ensure connectivity to FortiCare (https://directregistration.fortinet.com/) by checking all related setup on the virtual network, subnet, network security group, route table, public IP addresses, and so on.

    This feature is only available for FortiOS 6.4.2 and later versions.

    To verify cloudinit automatically obtained a license for a newly-deployed instance:
    # diagnose debug cloudinit show
 >> Load VM metadata document
 >> Requesting FortiCare license: FGTAZRXXXXXXXXXX
 >> VM license install succeeded. Rebooting firewall.

# diagnose debug vm-print-license 
SerialNumber: FGTAZRXXXXXXXXXX
CreateDate: Wed Jul 29 16:48:34 2020
Key: yes
Cert: yes
Key2: yes
Cert2: yes
Model: PG (20)
CPU: 2147483647 
MEM: 2147483647
			
    # execute vm-license 
PAYG license exists.

    If in a closed network, the command execution resembles the following, as the execute vm-license command attempts to get a license from FortiCare.

    # diagnose debug cloudinit show 

# diagnose debug vm-print-license
SerialNumber: FGTAZRXXXXXXXXXX
CreateDate: 1597362903
Model: PG (20)
CPU: 2147483647 
MEM: 2147483647

# execute vm-license
This operation will reboot the system !
Do you want to continue? (y/n)


Load VM metadata document
Requesting FortiCare license: FGTAZRXXXXXXXXXX

    If the FortiGate-VM connects to FortiCare successfully, the following message displays.

    VM license install succeeded. Rebooting firewall.

    To obtain a license for an upgraded instance or instance from a closed network:

    If you created the FortiGate-VM in a closed environment or it cannot reach FortiCare, the FortiGate-VM self-generates a local license as in previous FortiOS versions. You can obtain a FortiCare license, ensure that the FortiGate-VM can connect to FortiCare, then run the execute vm-license command to obtain the license from FortiCare.

    # execute vm-license 
This operation will reboot the system !
Do you want to continue? (y/n)y

Load VM metadata document
Requesting FortiCare license: FGTAZRXXXZXXXXXX
VM license install succeeded. Rebooting firewall.
    To register the serial number:
    1. Register the license using the serial number in FortiCare (see Creating a support account).
    2. Obtain the VM ID:
      • In FortiOS, run diagnose test application azd 6 and search for the VM Instance ID.
      • In Azure, run az vm show -g Resource-Group-Name -n PAYG-VM-Name --query vmId' -o tsv.

        • It may take up to an hour for the registration status to synchronize and update in the FortiOS GUI.

    3. Go Dashboard > Status and in the Licenses widget verify the FortiCare Support status.

    4. Once registration completes, you can log in to a FortiGate Cloud account and download the two free tokens that come standard with FortiGates. See Configuring FortiGate Cloud and FortiTokens.
    Previous
    Next