Fortinet Document Library

Version:


Table of Contents

Deploying FortiGate-VMX

Resources

Upgrade Path Tool
5.6.3
Download PDF
Copy Link

Prerequisites

The following lists prerequisites for deploying FortiGate-VMX:

  • Supported versions of VMware products
  • VM requirements:
    • FortiGate-VMX SVM requires 1 GB of RAM by default, preconfigured in OVF.
    • FortiGate-VMX security node requires 2 GB of RAM by default, preconfigured in OVF.

    You can manually alter the spec before deployment.

  • Component requirements:
    • VMware components:
      • vCenter Server Standard
      • vSphere Enterprise Plus license level
      • NSX Manager
    • Third-party components:
      • Web server (IIS, Apache, and so on): This is used to host the VMX security node's deployment file to install VMX security nodes.
  • VMware technologies:
    • ESXi host cluster enabled with DRS
    • Distributed Switch (management traffic can traverse legacy vSwitch)
    • vSphere Web Client required for NSX Manager add-on
  • VMware configurations:
    • Agent VM Setting required to be set on each ESXi host in cluster. For larger environments, this can also be set during service deployment.

Certain ports are required for communication between the FortiGate-VMX SVM and FortiGate-VMX security nodes through the sync interface: 700, 703, and 720. These are for the cluster protocol, configuration synchronization, and traffic, such as license registration and log traffic.

note icon

SVM is required to be connected to the Internet for license validation with FortiGuard.

Resources

Prerequisites

The following lists prerequisites for deploying FortiGate-VMX:

  • Supported versions of VMware products
  • VM requirements:
    • FortiGate-VMX SVM requires 1 GB of RAM by default, preconfigured in OVF.
    • FortiGate-VMX security node requires 2 GB of RAM by default, preconfigured in OVF.

    You can manually alter the spec before deployment.

  • Component requirements:
    • VMware components:
      • vCenter Server Standard
      • vSphere Enterprise Plus license level
      • NSX Manager
    • Third-party components:
      • Web server (IIS, Apache, and so on): This is used to host the VMX security node's deployment file to install VMX security nodes.
  • VMware technologies:
    • ESXi host cluster enabled with DRS
    • Distributed Switch (management traffic can traverse legacy vSwitch)
    • vSphere Web Client required for NSX Manager add-on
  • VMware configurations:
    • Agent VM Setting required to be set on each ESXi host in cluster. For larger environments, this can also be set during service deployment.

Certain ports are required for communication between the FortiGate-VMX SVM and FortiGate-VMX security nodes through the sync interface: 700, 703, and 720. These are for the cluster protocol, configuration synchronization, and traffic, such as license registration and log traffic.

note icon

SVM is required to be connected to the Internet for license validation with FortiGuard.