Fortinet black logo

AWS Administration Guide

Launching the instance with shared FortiGate-VM AMI

Copy Link
Copy Doc ID 9e3b59dc-ba0b-11e9-a989-00505692583a:44111
Download PDF

Launching the instance with shared FortiGate-VM AMI

To launch the instance with shared FortiGate-VM AMI:
  1. In the Services-EC2 Dashboard, go to INSTANCES > Instances, then select Launch Instance.
  2. Select AWS Marketplace. Search for FortiGate. Click Select.
  3. Select an instance type, then select Next: Configure Instance Details.
  4. Configure the instance details:
    1. In the Network field, select the VPC you created.
    2. In the Subnet field, select the public subnet.
    3. In the Network interfaces section, you see the entry for eth0 that was created for the public subnet. Select Add Device to add another network interface (in this example, eth1), and select the private subnet.
    4. When you have two network interfaces, a global IP address is not assigned automatically. You must manually assign a global IP address later. Select Review and Launch, then select Launch.
    5. Select an existing key pair or create a new key pair. Select the acknowledgment checkbox. Select Launch Instances.
    6. To easily identify the instance, set a name for it in the Name field.
    7. Go to NETWORK & SECURITY > Elastic IPs, select a global IP address that is available for use. Select Actions > Allocate new address. If you do not have a global IP address available to use, create one.

    8. In the Resource type section, select Network Interface.
    9. In the Network interface field, select the Interface ID of the network interface that you created for the public subnet (in this example, eth0). In the Private IP field, select the IP address that belongs to the public subnet. To find these values, go to the EC2 Management Console, select Instances, and select the interface in the Network interfaces section in the lower pane of the page (Interface ID and Private IP Address fields). Select Associate. A message is displayed indicating the address association was successful. Note that if the Internet Gateway isn't associated with a VPC, the elastic IP assignment fails.

Launching the instance with shared FortiGate-VM AMI

To launch the instance with shared FortiGate-VM AMI:
  1. In the Services-EC2 Dashboard, go to INSTANCES > Instances, then select Launch Instance.
  2. Select AWS Marketplace. Search for FortiGate. Click Select.
  3. Select an instance type, then select Next: Configure Instance Details.
  4. Configure the instance details:
    1. In the Network field, select the VPC you created.
    2. In the Subnet field, select the public subnet.
    3. In the Network interfaces section, you see the entry for eth0 that was created for the public subnet. Select Add Device to add another network interface (in this example, eth1), and select the private subnet.
    4. When you have two network interfaces, a global IP address is not assigned automatically. You must manually assign a global IP address later. Select Review and Launch, then select Launch.
    5. Select an existing key pair or create a new key pair. Select the acknowledgment checkbox. Select Launch Instances.
    6. To easily identify the instance, set a name for it in the Name field.
    7. Go to NETWORK & SECURITY > Elastic IPs, select a global IP address that is available for use. Select Actions > Allocate new address. If you do not have a global IP address available to use, create one.

    8. In the Resource type section, select Network Interface.
    9. In the Network interface field, select the Interface ID of the network interface that you created for the public subnet (in this example, eth0). In the Private IP field, select the IP address that belongs to the public subnet. To find these values, go to the EC2 Management Console, select Instances, and select the interface in the Network interfaces section in the lower pane of the page (Interface ID and Private IP Address fields). Select Associate. A message is displayed indicating the address association was successful. Note that if the Internet Gateway isn't associated with a VPC, the elastic IP assignment fails.