Fortinet Document Library

Version:


Table of Contents

About FortiGate for GCP

Deploying FortiGate-VM on Google Cloud Marketplace

Deploying FortiGate-VM on Google Cloud Compute Engine

Deploying FortiGate-VM Using Google Cloud SDK

Use Case: High Availability for FortiGate on GCP

Security Fabric Connector Integration with GCP

Resources

Upgrade Path Tool
6.0.0
Copy Link

Uploading the license and configuring network interfaces

  1. Go to Compute Engine > VM instances.
  2. Note the external IP addresses assigned to each FortiGate's unprotected network interface.
  3. Click the name of each instance and note the instance ID.
  4. Configure the primary FortiGate:
    1. Open a web browser window for the primary FortiGate. Go to http://<FortiGate external IP address>.
    2. Log in with admin as the username and the FortiGate instance ID as the password.
    3. FortiOS prompts you to change the admin password immediately. Change the password as required.
    4. Log back into the FortiGate using the admin username and the newly changed password.
    5. Click Upload to install the license. Upload the license. The FortiGate reboots automatically.
    6. Once the reboot is complete, FortiOS redirects you to the dashboard. Go to Network > Interfaces.
    7. FortiGate port2, port3, and port4 show no IP addresses. Edit port2:
      1. Under Address, ensure that Manual is selected under Addressing Mode.
      2. In the IP/Network Mask field, enter the IP address that GCP assigned to nic1 with a netmask of 255.255.255.255. While the 255.255.255.255 netmask may seem different from what you would expect in a typical network, it works in GCP due to the SDN capabilities of the GCP VPC.
      3. Click OK.
    8. Repeat step 10 for port3 and port4. Port3's IP address is the same as nic2 in GCP, while port4's IP address is the same as nic3 in GCP.
  5. Repeat steps 4-11 for the secondary FortiGate.

Resources

Uploading the license and configuring network interfaces

  1. Go to Compute Engine > VM instances.
  2. Note the external IP addresses assigned to each FortiGate's unprotected network interface.
  3. Click the name of each instance and note the instance ID.
  4. Configure the primary FortiGate:
    1. Open a web browser window for the primary FortiGate. Go to http://<FortiGate external IP address>.
    2. Log in with admin as the username and the FortiGate instance ID as the password.
    3. FortiOS prompts you to change the admin password immediately. Change the password as required.
    4. Log back into the FortiGate using the admin username and the newly changed password.
    5. Click Upload to install the license. Upload the license. The FortiGate reboots automatically.
    6. Once the reboot is complete, FortiOS redirects you to the dashboard. Go to Network > Interfaces.
    7. FortiGate port2, port3, and port4 show no IP addresses. Edit port2:
      1. Under Address, ensure that Manual is selected under Addressing Mode.
      2. In the IP/Network Mask field, enter the IP address that GCP assigned to nic1 with a netmask of 255.255.255.255. While the 255.255.255.255 netmask may seem different from what you would expect in a typical network, it works in GCP due to the SDN capabilities of the GCP VPC.
      3. Click OK.
    8. Repeat step 10 for port3 and port4. Port3's IP address is the same as nic2 in GCP, while port4's IP address is the same as nic3 in GCP.
  5. Repeat steps 4-11 for the secondary FortiGate.