Fortinet Document Library
Version:
6.2.0
FortiGate / FortiOS
FortiGate / FortiOS
FortiAnalyzer
FortiManager
FortiWeb
FortiTester
FortiAuthenticator
FortiSandbox
FortiWeb Manager
Table of Contents
Azure Cookbook
About FortiGate-VM for Azure
Instance type support
Region support
Models
Licensing
Order types
Creating a support account
Deploying FortiGate-VM on Azure
Azure services and components
Deploying FortiGate-VM from a VHD image file
Deploying FortiGate-VM in VM creation
Deploying FortiGate with custom ARM templates
Invoking custom ARM templates
Bootstrapping the FortiGate CLI at initial bootup using user data
Bootstrapping the FortiGate CLI and BYOL license at initial bootup using user data
Deploying FortiGate-VM using Azure PowerShell
Running PowerShell to deploy FortiGate-VM
Bootstrapping the FortiGate CLI and BYOL license at initial bootup using user data
Deploying FortiGate-VM on regional Azure clouds
Enabling accelerated networking on the FortiGate-VM
Upgrading FortiOS
Deploying auto scaling on Azure
Acronyms
Planning
Prerequisites
Obtaining the deployment package
Deploying FortiGate Autoscale for Azure
Creating a template deployment
Configurable variables
Uploading files to the Storage account
Running the start commands
Verifying the deployment
Connecting to the FortiGate-VM instances
Troubleshooting
Appendix
FortiGate Autoscale for Azure features
Cloud-init
Architectural diagrams
Single FortiGate-VM deployment
Registering and downloading your license
Subscribing the FortiGate-VM
Connecting to the FortiGate-VM
Network interfaces and routes
Using public IP addresses
HA for FortiGate-VM on Azure
Deploying and configuring active-passive HA within one zone
About the ARM template
Reviewing the network topology
Checking the prerequisites
Invoking the ARM templates
Template parameters
Validating the deployment
Configuring the network via the CLI
Installing the FortiGate license (BYOL only)
Configuring multiple public IP addresses
Troubleshooting
Deploying and configuring active-passive HA between multiple zones
Deploying and configuring Azure load-balancing HA
Basic concepts
Locating FortiGate HA for Azure in the Azure portal marketplace
Determining your licensing model
Configuring FortiGate-VM initial parameters
Creating the VNet and subnets in network settings
Selecting the Azure instance type
Assigning the Azure IP address
Validating deployment resources
Creating the FortiGate-VM instances
Connecting to the FortiGate-VMs
Setting up a Windows server in the protected network
Configuring FortiGate firewall policies and virtual IP addresses
Public IP addresses with Azure public LB
(Failover test) Creating load balancing rules and accessing the Windows server via RDP
VNet peering
Fabric connector integration with Azure or Azure Stack
Automatically updating dynamic addresses using Fabric connector (Azure)
Required information
Getting the Azure tenant ID
Getting the Azure subscription ID
Getting the Azure resource group
Azure client ID and Azure client secret
Configuring the FortiGate-VM
Tagging a resource
Creating an address
Dynamic address in a policy
Troubleshooting Azure Fabric connector
Azure Kubernetes (AKS) Fabric connector
Automatically updating dynamic addresses using Fabric connector (Azure Stack)
VPN for FortiGate-VM on Azure
Connecting a local FortiGate to an Azure VNet VPN
Connecting a local FortiGate to an Azure FortiGate via site-to-site VPN
vWAN
Configuring integration with Azure AD domain services for VPN
Azure AD acting as SAML IdP
Azure Sentinel
Sending FortiGate logs for analytics and queries
Resources
Upgrade Path Tool
Home
Azure/Azure Stack
FortiGate / FortiOS
FortiGate / FortiOS
FortiAnalyzer
FortiManager
FortiWeb
FortiTester
FortiAuthenticator
FortiSandbox
FortiWeb Manager
Select version:
6.2
6.0
5.6
Select version
6.2
6.0
5.6
Azure Cookbook
About FortiGate-VM for Azure
Instance type support
Region support
Models
Licensing
Order types
Creating a support account
Deploying FortiGate-VM on Azure
Azure services and components
Deploying FortiGate-VM from a VHD image file
Deploying FortiGate-VM in VM creation
Deploying FortiGate with custom ARM templates
Invoking custom ARM templates
Bootstrapping the FortiGate CLI at initial bootup using user data
Bootstrapping the FortiGate CLI and BYOL license at initial bootup using user data
Deploying FortiGate-VM using Azure PowerShell
Running PowerShell to deploy FortiGate-VM
Bootstrapping the FortiGate CLI and BYOL license at initial bootup using user data
Deploying FortiGate-VM on regional Azure clouds
Enabling accelerated networking on the FortiGate-VM
Upgrading FortiOS
Deploying auto scaling on Azure
Acronyms
Planning
Prerequisites
Obtaining the deployment package
Deploying FortiGate Autoscale for Azure
Creating a template deployment
Configurable variables
Uploading files to the Storage account
Running the start commands
Verifying the deployment
Connecting to the FortiGate-VM instances
Troubleshooting
Appendix
FortiGate Autoscale for Azure features
Cloud-init
Architectural diagrams
Single FortiGate-VM deployment
Registering and downloading your license
Subscribing the FortiGate-VM
Connecting to the FortiGate-VM
Network interfaces and routes
Using public IP addresses
HA for FortiGate-VM on Azure
Deploying and configuring active-passive HA within one zone
About the ARM template
Reviewing the network topology
Checking the prerequisites
Invoking the ARM templates
Template parameters
Validating the deployment
Configuring the network via the CLI
Installing the FortiGate license (BYOL only)
Configuring multiple public IP addresses
Troubleshooting
Deploying and configuring active-passive HA between multiple zones
Deploying and configuring Azure load-balancing HA
Basic concepts
Locating FortiGate HA for Azure in the Azure portal marketplace
Determining your licensing model
Configuring FortiGate-VM initial parameters
Creating the VNet and subnets in network settings
Selecting the Azure instance type
Assigning the Azure IP address
Validating deployment resources
Creating the FortiGate-VM instances
Connecting to the FortiGate-VMs
Setting up a Windows server in the protected network
Configuring FortiGate firewall policies and virtual IP addresses
Public IP addresses with Azure public LB
(Failover test) Creating load balancing rules and accessing the Windows server via RDP
VNet peering
Fabric connector integration with Azure or Azure Stack
Automatically updating dynamic addresses using Fabric connector (Azure)
Required information
Getting the Azure tenant ID
Getting the Azure subscription ID
Getting the Azure resource group
Azure client ID and Azure client secret
Configuring the FortiGate-VM
Tagging a resource
Creating an address
Dynamic address in a policy
Troubleshooting Azure Fabric connector
Azure Kubernetes (AKS) Fabric connector
Automatically updating dynamic addresses using Fabric connector (Azure Stack)
VPN for FortiGate-VM on Azure
Connecting a local FortiGate to an Azure VNet VPN
Connecting a local FortiGate to an Azure FortiGate via site-to-site VPN
vWAN
Configuring integration with Azure AD domain services for VPN
Azure AD acting as SAML IdP
Azure Sentinel
Sending FortiGate logs for analytics and queries
6.2.0
6.2.0
Download PDF
Copy Link
Automatically updating dynamic addresses using Fabric connector (
Azure
Stack)
See the
FortiOS
Cookbook
.
Resources
Upgrade Path Tool
Automatically updating dynamic addresses using Fabric connector (
Azure
Stack)
See the
FortiOS
Cookbook
.
Link
PDF