Fortinet Document Library

Version:


Table of Contents

GCP Cookbook

Resources

Upgrade Path Tool

GCP Cookbook

6.2.0
Download PDF
Copy Link

Uploading the license and configuring network interfaces

  1. Go to Compute Engine > VM instances.
  2. Note the external IP addresses assigned to each FortiGate's unprotected network interface.
  3. Depending on how you provisioned the instance, you must use the instance ID or the fortigate_user_password (found in the GCP management console under VM instance details) as the password. The instance ID is represented as a number that can be found after locating the instance in the GCP Compute Engine console. Click the name of each instance and note the instance ID or the fortigate_user_password.
  4. Configure the primary FortiGate:
    1. Open a web browser window for the primary FortiGate. Go to http://<FortiGate external IP address>.
    2. Log in with admin as the username and the FortiGate instance ID or fortigate_user_password as the password.
    3. FortiOS prompts you to change the admin password immediately. Change the password as required.
    4. Log back into the FortiGate using the admin username and the newly changed password.
    5. Click Upload to install the license. Upload the license. The FortiGate reboots automatically.
    6. Once the reboot is complete, FortiOS redirects you to the dashboard. Go to Network > Interfaces.
    7. FortiGate port2, port3, and port4 show no IP addresses. Edit port2:
      1. Under Address, ensure that Manual is selected under Addressing Mode.
      2. In the IP/Network Mask field, enter the IP address that GCP assigned to nic1 with a netmask of 255.255.255.255. While the 255.255.255.255 netmask may seem different from what you would expect in a typical network, it works in GCP due to the SDN capabilities of the GCP VPC.
      3. Click OK.
    8. Repeat step 10 for port3 and port4. Port3's IP address is the same as nic2 in GCP, while port4's IP address is the same as nic3 in GCP.
  5. Repeat steps 4-11 for the secondary FortiGate.

Resources

Uploading the license and configuring network interfaces

  1. Go to Compute Engine > VM instances.
  2. Note the external IP addresses assigned to each FortiGate's unprotected network interface.
  3. Depending on how you provisioned the instance, you must use the instance ID or the fortigate_user_password (found in the GCP management console under VM instance details) as the password. The instance ID is represented as a number that can be found after locating the instance in the GCP Compute Engine console. Click the name of each instance and note the instance ID or the fortigate_user_password.
  4. Configure the primary FortiGate:
    1. Open a web browser window for the primary FortiGate. Go to http://<FortiGate external IP address>.
    2. Log in with admin as the username and the FortiGate instance ID or fortigate_user_password as the password.
    3. FortiOS prompts you to change the admin password immediately. Change the password as required.
    4. Log back into the FortiGate using the admin username and the newly changed password.
    5. Click Upload to install the license. Upload the license. The FortiGate reboots automatically.
    6. Once the reboot is complete, FortiOS redirects you to the dashboard. Go to Network > Interfaces.
    7. FortiGate port2, port3, and port4 show no IP addresses. Edit port2:
      1. Under Address, ensure that Manual is selected under Addressing Mode.
      2. In the IP/Network Mask field, enter the IP address that GCP assigned to nic1 with a netmask of 255.255.255.255. While the 255.255.255.255 netmask may seem different from what you would expect in a typical network, it works in GCP due to the SDN capabilities of the GCP VPC.
      3. Click OK.
    8. Repeat step 10 for port3 and port4. Port3's IP address is the same as nic2 in GCP, while port4's IP address is the same as nic3 in GCP.
  5. Repeat steps 4-11 for the secondary FortiGate.