Fortinet Document Library

Version:


Table of Contents

About FortiGate for GCP

Deploying FortiGate-VM on Google Cloud Marketplace

Deploying FortiGate-VM on Google Cloud Compute Engine

Deploying FortiGate-VM Using Google Cloud SDK

Use Case: High Availability for FortiGate on GCP

Security Fabric Connector Integration with GCP

Resources

Upgrade Path Tool
  • Select version:
  • 6.0
6.0.0
Copy Link

Initial Deployment

  1. In the Google Cloud marketplace Cloud Launcher, find FortiGate Next-Generation Firewall.

    note icon

    This deployment method assigns only one network interface to the VM instance. With this deployment method, you cannot change the number of network interfaces after VM deployment. To assign multiple network interfaces, perform a manual deployment using Compute Engine or the Google Cloud SDK.

  2. Click LAUNCH ON COMPUTE ENGINE.
  3. Configure the variables as required:

    Deployment name

    Enter the FortiGate-VM name to appear in the Compute Engine portal.

    Zone

    Choose the zone to deploy the FortiGate to.

    Machine type

    Choose the instance type required.

    Boot disk type

    Choose the desired boot disk type.

    Boot disk size in GB

    Leave as-is at 10 GB.

    Network name

    Select the network located in the selected zone.

    Subnetwork name

    Select the subnet where the FortiGate resides. Currently a one-arm setup in one subnet is supported on the Cloud Launcher solution.

    Firewall

    Leave all selected as shown, or allow at least HTTPS if the strictest security is allowed in your network as the first setup. Change firewall settings as needed later on.

    These are the open ports allowed in Google Cloud to protect incoming access to the FortiGate instance over the Internet and are not part of FortiGate firewall features.

    External IP

    Select Ephemeral. You will need to access the FortiGate management GUI via this public IP address.

    Leave the other options as shown.

  4. Click Deploy. When deployment is done, the screen appears as below.

Resources

Initial Deployment

  1. In the Google Cloud marketplace Cloud Launcher, find FortiGate Next-Generation Firewall.

    note icon

    This deployment method assigns only one network interface to the VM instance. With this deployment method, you cannot change the number of network interfaces after VM deployment. To assign multiple network interfaces, perform a manual deployment using Compute Engine or the Google Cloud SDK.

  2. Click LAUNCH ON COMPUTE ENGINE.
  3. Configure the variables as required:

    Deployment name

    Enter the FortiGate-VM name to appear in the Compute Engine portal.

    Zone

    Choose the zone to deploy the FortiGate to.

    Machine type

    Choose the instance type required.

    Boot disk type

    Choose the desired boot disk type.

    Boot disk size in GB

    Leave as-is at 10 GB.

    Network name

    Select the network located in the selected zone.

    Subnetwork name

    Select the subnet where the FortiGate resides. Currently a one-arm setup in one subnet is supported on the Cloud Launcher solution.

    Firewall

    Leave all selected as shown, or allow at least HTTPS if the strictest security is allowed in your network as the first setup. Change firewall settings as needed later on.

    These are the open ports allowed in Google Cloud to protect incoming access to the FortiGate instance over the Internet and are not part of FortiGate firewall features.

    External IP

    Select Ephemeral. You will need to access the FortiGate management GUI via this public IP address.

    Leave the other options as shown.

  4. Click Deploy. When deployment is done, the screen appears as below.