Fortinet Document Library

Version: 6.0.0

Using Terraform to Deploy a Single FortiGate-VM

You can deploy FortiGate-VM using Terraform. OCI is a Terraform provider. For details about Terraform, see Introduction to Terraform.

Before using Terraform to deploy a FortiGate-VM, ensure the following prerequisites are met:

  1. See Getting Started with the Terraform Provider.
  2. Prepare a PEM key file for the user to authenticate themselves with the OCI platform.
  3. Upload the FortiGate-VM image to OCI where you plan to deploy the FortiGate-VM. For details, see Obtaining the Deployment Image File and Placing It in Your Bucket.

The following lists the steps for deploying a FortiGate-VM using Terraform:

  1. Prepare Terraform deployment files. There is a sample set of Terraform files available on GitHub. Clone or download the files in the Single-VM-BareMinimum-BYOL directory. This creates a new VCN.
  2. Download the Terraform application for your OS. See Terraform Downloads.
  3. Edit the Terraform variables and config files to suit your environment:
    1. Change the OCI variables in the terraform.tfvars file. You must know the OCIDs of your tenant, compartment, user, and region. If using Windows, you do not need to specify the C: drive in paths.
    2. Change the resource names in the block.tf, compute.tf, network.tf, and variables.tf files. You can modify resources including the following:
      1. FortiGate-VM hostname
      2. VCN name
      3. Network interface, subnet, volume names
      4. Security list settings. Ensure you open port 443 to allow access to the FortiGate-VM.
      5. Disk size for the second drive. By default, this is 50 GB.
      6. Network CIDRs
  4. Run Terraform:
    1. Run terraform.exe init to initialize the Terraform environment.

    2. Run terraform.exe plan.

      Check the output for the resources that will be created. You can add "-out" and an output file to save the plan to a file for review.

    3. Run terraform.exe apply.

      At the Enter a value prompt, enter yes to continue. Wait about ten minutes for the command to end.

  5. In the OCI console, navigate to the newly created resources. The FortiGate-VM instances and VCN have been created.

  6. Connect to the FortiGate-VMs. See Accessing the FortiGate.
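
A check to run on the plan saved in step 4 before applying it, as an added example that is not part of Fortinet's documentation or the GitHub sample files: it lists the resources to be created and flags any security list rule that opens port 443 to every source address. It assumes a Terraform version that supports `terraform show -json`; the sample plan and its resource names are constructed.

```python
import ipaddress
import json

# Constructed sample: trimmed `terraform show -json` output for a saved plan.
# Resource names and CIDRs are hypothetical, not taken from the sample files.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "oci_core_vcn.fgt_vcn", "type": "oci_core_vcn",
   "change": {"actions": ["create"], "after": {"cidr_block": "10.0.0.0/16"}}},
  {"address": "oci_core_security_list.fgt_public", "type": "oci_core_security_list",
   "change": {"actions": ["create"], "after": {"ingress_security_rules": [
     {"protocol": "6", "source": "0.0.0.0/0", "tcp_options": [{"min": 443, "max": 443}]},
     {"protocol": "6", "source": "203.0.113.0/24", "tcp_options": [{"min": 22, "max": 22}]},
     {"protocol": "all", "source": "10.0.0.0/16", "tcp_options": []}]}}}
]}
""")

def created(plan):
    """Addresses of the resources the plan will create."""
    return [rc["address"] for rc in plan.get("resource_changes", [])
            if "create" in rc["change"]["actions"]]

def admits(rule, port):
    """True if an ingress rule admits TCP `port`; no tcp_options means all ports."""
    if rule.get("protocol") == "all":
        return True
    if rule.get("protocol") != "6":  # "6" is the protocol number for TCP
        return False
    opts = rule.get("tcp_options") or []
    return not opts or any(o["min"] <= port <= o["max"] for o in opts)

def exposed_to_any(plan, port=443):
    """(security list, source) pairs that open `port` to every address."""
    findings = []
    for rc in plan.get("resource_changes", []):
        if rc["type"] != "oci_core_security_list":
            continue
        after = rc["change"].get("after") or {}
        for rule in after.get("ingress_security_rules") or []:
            src = rule.get("source") or ""  # empty if only known after apply
            # Only CIDR sources are checked; service labels are skipped.
            if (rule.get("source_type") or "CIDR_BLOCK") != "CIDR_BLOCK" or "/" not in src:
                continue
            if admits(rule, port) and ipaddress.ip_network(src, strict=False).prefixlen == 0:
                findings.append((rc["address"], src))
    return findings

if __name__ == "__main__":
    print("create:", created(SAMPLE_PLAN), "| 443 open to any:", exposed_to_any(SAMPLE_PLAN))
```

To produce real input, save the plan with `-out`, export it with `terraform show -json` on the saved file, and load the result with `json.load`. A finding means the FortiGate-VM management interface on port 443 would be reachable from any address, so narrow the source CIDR in the security list settings before running apply.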
