Chapter 10. Cloud Technologies

10.2 Deploy FortiGate in Azure

Learning Objectives

  • Create a FortiGate firewall in Azure through Marketplace
  • Identify FortiGate subnets in Azure
Scenario: In this lab, we’ll learn how to deploy FortiGate in Azure.
  1. Go to Azure Marketplace and search for FortiGate.
    Figure 10.38: Search for FortiGate
  2. Select Fortinet FortiGate Next-Generation Firewall.
    Figure 10.39: Select Fortinet FG Next-Gen
  3. Then select Single VM from the dropdown list.
    Figure 10.40: Select Single VM
  4. Enter the firewall information as shown in Figure 10.41.
    Figure 10.41: Create a Fortinet firewall
  5. Leave the other tabs at their defaults and click “Review + create”. Azure validates your information, and then you can create the FortiGate firewall.
    Figure 10.42: Validate configuration
  6. Azure then starts deploying FortiGate. Deployment takes around 5 minutes.
    Figure 10.43: Deployment is in progress
    Figure 10.44: Deployment is complete
  7. After the deployment is complete, go to Resource group > FortiGate > Overview and look for the FortiGate public IP address.
    Figure 10.45: FortiGate public IP address
    Figure 10.46: FortiGate public IP address
  8. Type the IP address in the browser. You should be able to see the FortiGate credentials page. Enter your username and password to log in to the firewall.
    Figure 10.47: FortiGate firewall credential page
    Figure 10.48: FortiGate dashboard
  9. According to Fortinet's description, a FortiGate deployment in Azure has three subnets: External, Internal and Protected. If you plan to connect a new virtual machine to the firewall's internal interface, connect it to the Protected subnet.
Table 10.2: FortiGate subnet description in Azure

| Subnet | Description |
| --- | --- |
| Subnet1 | External subnet used to connect the FortiGate-VM to the Internet. |
| Subnet2 | Internal subnet used as a transit network to one or multiple protected networks containing backend services, such as the web server. |
| Subnet3 | Protected subnet used to deploy services. You can deploy multiples of these subnets. The traffic is sent to the FortiGate for inspection using UDR. |
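
Table 10.2 relies on a UDR to send Protected-subnet traffic to the FortiGate, so it is worth checking that the route table really does that. The following check is an added example, not part of the original lab or Fortinet's template; it assumes the route table was exported with `az network route-table show -o json`, and the subnet name, route names and the FortiGate internal IP `10.0.1.4` are constructed sample values.

```python
import json

# Constructed sample in the shape of `az network route-table show -o json`.
# Names, IDs and addresses are invented for this example.
SAMPLE = json.loads("""
{
  "name": "rt-protected",
  "routes": [
    {"name": "default", "addressPrefix": "0.0.0.0/0",
     "nextHopType": "VirtualAppliance", "nextHopIpAddress": "10.0.1.4"}
  ],
  "subnets": [{"id": "/subscriptions/EXAMPLE/.../subnets/ProtectedSubnet"}]
}
""")


def audit_udr(route_table, fortigate_ip, protected_subnet):
    """Return findings; an empty list means the UDR steers the subnet to the FortiGate."""
    findings = []
    # The subnet name is the last segment of each associated subnet's resource ID.
    attached = [s["id"].rsplit("/", 1)[-1] for s in route_table.get("subnets") or []]
    if protected_subnet not in attached:
        findings.append(f"route table is not associated with {protected_subnet}")

    has_default = False
    for route in route_table.get("routes") or []:
        hop_type = route.get("nextHopType")
        hop_ip = route.get("nextHopIpAddress")
        label = f"{route.get('name')} ({route.get('addressPrefix')})"
        if hop_type == "Internet":
            # Traffic matching this prefix leaves without passing the firewall.
            findings.append(f"{label} sends traffic straight to the Internet")
        elif hop_type == "VirtualAppliance" and hop_ip != fortigate_ip:
            findings.append(f"{label} points at {hop_ip}, not the FortiGate")
        elif hop_type == "VirtualAppliance" and route.get("addressPrefix") == "0.0.0.0/0":
            has_default = True
    if not has_default:
        findings.append("no 0.0.0.0/0 route with the FortiGate as next hop")
    return findings


if __name__ == "__main__":
    for finding in audit_udr(SAMPLE, "10.0.1.4", "ProtectedSubnet") or ["OK"]:
        print(finding)
```

Pass the FortiGate's internal-interface address (the one on Subnet2) as `fortigate_ip`, and run the check against the route table of every Protected subnet you add.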

License


FortiGate Firewall Copyright © 2023 by Hamid Talebi is licensed under a Creative Commons Attribution 4.0 International License, except where otherwise noted.
