Chapter 10- Cloud Technologies

10-2 Deploy FortiGate in Azure

Learning Objectives

  • Create a FortiGate firewall in Azure through Market Place
  • Identify FortiGate subnets in Azure


Scenario: In this lab, we’ll learn how to deploy FortiGate in Azure.

1- Go to Azure Marketplace and search for FortiGate

Search for FortiGate in the Market Place
Figure 10-38: Search for FortiGate

2- Select Fortinet FortiGate Next-Generation Firewall.

Select Fortinet FG Next-Gen
Figure 10-39: Select Fortinet FG Next-Gen

3- Then, Select Single VM from dropdown list.

Select Single VM
Figure 10-40: Select Single VM

4- Create a firewall information as figure 10-41.

Create a Fortinet firewall
Figure 10-41: Create a Fortinet firewall

5- Leave other tabs as default and press on “Review+ create“. It will validate your information and then you can create a FortiGate Firewall.

Validate Configuration
Figure 10-42: Validate Configuration

6- Then, it will start deployment of FortiGate. It takes around 5 minutes to deploy FortiGate.

Deployment is in Progress
Figure 10-43: Deployment is in Progress


Deployment is complete
Figure 10-44: Deployment is complete

7- After deployment is completed, go to Resource group> FortiGate> Overview and look for FortiGate Public IP address.

FortiGate Public IP Address
Figure 10-45: FortiGate Public IP Address


FortiGate Public IP Address
Figure 10-46: FortiGate Public IP Address

8- Type the IP address in the browser. You should be able to see the FortiGate credentials page. Enter your username and password to login in the firewall.

FortiGate Firewall Credential Page to enter username and password
Figure 10-47: FortiGate Firewall Credential Page


FortiGate dashboard
Figure 10-48: FortiGate dashboard

9- Based on Fortinet description, we have three subnets in Azure for FortiGate. External, Internal and Protected. If you are planning to connect a new virtual machine to the firewall internal interface, you should connect it to the Protected subnet.

Table 10-2: FortiGate Subnet description in Azure
Subnet Description
Subnet1 External subnet used to connect the FortiGate-VM to the Internet.
Subnet2 Internal subnet used as a transit network to one or multiple protected networks containing backend services, such as the web server.
Subnet3 Protected subnet used to deploy services. You can deploy multiples of these subnets. The traffic is sent to the FortiGate for inspection using UDR.


Share This Book