Fortinet Document Library

Version:


Table of Contents

FortiSandbox VM on AWS

3.1.0
Download PDF
Copy Link

Basic AWS network setup

Creating a Virtual Private Cloud (VPC)

  1. Navigate to VPC Dashboard > Your VPCs > Create VPC. The Create VPC dialog box will open.

    note icon

    There’s a default VPC but you should always create a new VPC.

  2. In the Name Tag field, enter a name. For example, FortiSandbox.
  3. In the IPv4 CIDR field, enter 10.0.0.0/16. This will ease scale-out issues in the future.
  4. In the IPv6 CIDR Block field, select No.
  5. In the Tenancy field, select Default from the dropdown list.
  6. Click Yes, Create to create the new VPC.

Creating the subnet for FortiSandbox firmware

You will need to create two subnets for FortiSandbox.

  • Public subnet with IPv4 CIDR 10.0.0.0/24, which is connected to the FSA-VM management interface.
  • Private subnet with IPv4 CIDR 10.0.1.0/24, which is connected to all VM clones and FSA-VM.
    note icon

    You can skip creating Private subnet if you do not use Custom VMs. Without a Private subnet, you can still use the Remote VM for file analysis.

To create the Public Subnet:
  1. Click Subnets > Create Subnet. The Create Subnet dialog box will open.
  2. In the Name Tag field, enter a name. For example, Public_FortiSandbox.
  3. In the VPC field, select the VPC you have just created.
  4. In the IPV4 CIDR block field, enter 10.0.0.0/24 (public subnet).
  5. Click Yes, Create to create the new subnet.

To create the Private Subnet:
  1. Click Subnets > Create Subnet. The Create Subnet dialog box will open.
  2. In the Name Tag field, enter a name. For example, Private_FortiSandbox.
  3. In the VPC field, select the VPC you have just created.
  4. In the IPV4 CIDR block field, enter 10.0.1.0/24 (private subnet).
  5. Click Yes, Create to create the new subnet.

Creating an internet gateway

  1. Under Virtual Private Cloud, select Internet Gateways.
  2. Click Create Internet Gateway.
  3. In the Name Tag field, enter a name. For example, vpc-gw.
  4. Click Yes, Create.

  5. Once the Internet Gateway is created, click Attach to VPC.
  6. Select your created VPC, and click Yes, Attach.

Creating a route table

  1. Under Virtual Private Cloud > Route Tables > click Create Route Table. The Create Route Table dialog box will open.

  2. In the Name Tag field, enter a name. For example, route_FortiSandboxTest.
  3. In the VPC field, select the VPC you created.
  4. Click Yes, Create.

  5. Go to Subnet Associations > Edit and select the public subnet you created. Click Save.

  6. Go to Routes > Add Another Route.
  7. In the Destination field, enter 0.0.0.0/0.
  8. In the Target field, select the internet gateway for the public subnet. Click Save.

Basic AWS network setup

Creating a Virtual Private Cloud (VPC)

  1. Navigate to VPC Dashboard > Your VPCs > Create VPC. The Create VPC dialog box will open.

    note icon

    There’s a default VPC but you should always create a new VPC.

  2. In the Name Tag field, enter a name. For example, FortiSandbox.
  3. In the IPv4 CIDR field, enter 10.0.0.0/16. This will ease scale-out issues in the future.
  4. In the IPv6 CIDR Block field, select No.
  5. In the Tenancy field, select Default from the dropdown list.
  6. Click Yes, Create to create the new VPC.

Creating the subnet for FortiSandbox firmware

You will need to create two subnets for FortiSandbox.

  • Public subnet with IPv4 CIDR 10.0.0.0/24, which is connected to the FSA-VM management interface.
  • Private subnet with IPv4 CIDR 10.0.1.0/24, which is connected to all VM clones and FSA-VM.
    note icon

    You can skip creating Private subnet if you do not use Custom VMs. Without a Private subnet, you can still use the Remote VM for file analysis.

To create the Public Subnet:
  1. Click Subnets > Create Subnet. The Create Subnet dialog box will open.
  2. In the Name Tag field, enter a name. For example, Public_FortiSandbox.
  3. In the VPC field, select the VPC you have just created.
  4. In the IPV4 CIDR block field, enter 10.0.0.0/24 (public subnet).
  5. Click Yes, Create to create the new subnet.

To create the Private Subnet:
  1. Click Subnets > Create Subnet. The Create Subnet dialog box will open.
  2. In the Name Tag field, enter a name. For example, Private_FortiSandbox.
  3. In the VPC field, select the VPC you have just created.
  4. In the IPV4 CIDR block field, enter 10.0.1.0/24 (private subnet).
  5. Click Yes, Create to create the new subnet.

Creating an internet gateway

  1. Under Virtual Private Cloud, select Internet Gateways.
  2. Click Create Internet Gateway.
  3. In the Name Tag field, enter a name. For example, vpc-gw.
  4. Click Yes, Create.

  5. Once the Internet Gateway is created, click Attach to VPC.
  6. Select your created VPC, and click Yes, Attach.

Creating a route table

  1. Under Virtual Private Cloud > Route Tables > click Create Route Table. The Create Route Table dialog box will open.

  2. In the Name Tag field, enter a name. For example, route_FortiSandboxTest.
  3. In the VPC field, select the VPC you created.
  4. Click Yes, Create.

  5. Go to Subnet Associations > Edit and select the public subnet you created. Click Save.

  6. Go to Routes > Add Another Route.
  7. In the Destination field, enter 0.0.0.0/0.
  8. In the Target field, select the internet gateway for the public subnet. Click Save.