Chapter 10- Cloud Technologies
10-2 Deploy FortiGate in Azure
Learning Objectives
- Create a FortiGate firewall in Azure through Market Place
- Identify FortiGate subnets in Azure
1- Go to Azure Marketplace and search for FortiGate
2- Select Fortinet FortiGate Next-Generation Firewall.
3- Then, Select Single VM from dropdown list.
4- Create a firewall information as figure 10-41.
5- Leave other tabs as default and press on “Review+ create“. It will validate your information and then you can create a FortiGate Firewall.
6- Then, it will start deployment of FortiGate. It takes around 5 minutes to deploy FortiGate.
7- After deployment is completed, go to Resource group> FortiGate> Overview and look for FortiGate Public IP address.
8- Type the IP address in the browser. You should be able to see the FortiGate credentials page. Enter your username and password to login in the firewall.
9- Based on Fortinet description, we have three subnets in Azure for FortiGate. External, Internal and Protected. If you are planning to connect a new virtual machine to the firewall internal interface, you should connect it to the Protected subnet.
| Subnet | Description |
|---|---|
| Subnet1 | External subnet used to connect the FortiGate-VM to the Internet. |
| Subnet2 | Internal subnet used as a transit network to one or multiple protected networks containing backend services, such as the web server. |
| Subnet3 | Protected subnet used to deploy services. You can deploy multiples of these subnets. The traffic is sent to the FortiGate for inspection using UDR. |
