Chapter 10. Cloud Technologies
- Create a FortiGate firewall in Azure through Marketplace
- Identify FortiGate subnets in Azure
- Go to Azure Marketplace and search for FortiGate.
- Select Fortinet FortiGate Next-Generation Firewall.
- Then, Select Single VM from dropdown list.
- Create a firewall information as Figure 10.41.
- Leave other tabs as default and press on “Review+ create”. It will validate your information and then you can create a FortiGate Firewall.
- Then, it will start deployment of FortiGate. It takes around 5 minutes to deploy FortiGate.
- After deployment is completed, go to Resource group > FortiGate > Overview and look for FortiGate Public IP address.
- Type the IP address in the browser. You should be able to see the FortiGate credentials page. Enter your username and password to login in the firewall.
- Based on Fortinet description, we have three subnets in Azure for FortiGate. External, Internal and Protected. If you are planning to connect a new virtual machine to the firewall internal interface, you should connect it to the Protected subnet.
|Subnet1||External subnet used to connect the FortiGate-VM to the Internet.|
|Subnet2||Internal subnet used as a transit network to one or multiple protected networks containing backend services, such as the web server.|
|Subnet3||Protected subnet used to deploy services. You can deploy multiples of these subnets. The traffic is sent to the FortiGate for inspection using UDR.|