FortiGate VM Deployment example – Citrix XenServer

Deployment example – Citrix XenServer

Once you have downloaded the FORTINET.out.CitrixXen.zip file and extracted the files, you can create the virtual machine in your Citrix Xen environment.

The following topics are included in this section:

Create the FortiGate VM virtual machine (XenCenter) Configure virtual hardware

Create the FortiGate VM virtual machine (XenCenter)

To create the FortiGate VM virtual machine from the OVF file

  1. Launch XenCenter on your management computer.

The management computer can be any computer that can run Citrix XenCenter, a Windows application.

  1. If you have not already done so, select ADD a server. Enter your Citrix XenServer IP address and the root logon credentials required to manage that server.

Your Citrix XenServer is added to the list in the left pane.

The Virtual Machine Manager home page opens.

  1. Go to File > Import. An import dialog will appear.

 

Create the FortiGate VM virtual machine (XenCenter)

  1. Click the Browse button, find the FortiGate-VM64-Xen.ovf template file, then click Open.
  2. Select Next.

(XenCenter)

  1. Accept the FortiGate Virtual Appliance EULA, then select Next.
  2. Choose the pool or standalone server that will host the VM, then select Next.
  3. Select the storage location for FortiGate VM disk drives or accept the default. Select Next.

Create the FortiGate VM virtual machine (XenCenter)

  1. Configure how each vNIC (virtual network adapter) in FortiGate VM will be mapped to each vNetwork on the Citrix XenServer, then click Next.
  2. Click Next to skip OS fixup.
  3. Select Next to use the default network settings for transferring the VM to the host.
  4. Select Finish.

The Citrix XenServer imports the FortiGate VM files and configures the VM as specified in the OVF template. Depending on your computer’s hardware speed and resource load, and also on the file size and speed of the network connection, this might take several minutes to complete.

When VM import is complete, the XenCenter left pane includes the FortiGate VM in the list of deployed VMs for your Citrix XenServer.

 

Configure virtual hardware

Configure virtual hardware

Before you start your FortiGate-VM for the first time, you need to adjust your virtual machine’s virtual hardware settings to meet your network requirements.

Configuring number of CPUs and memory size

Your FortiGate-VM license limits the number CPUs and amount of memory that you can use. The amounts you allocate must not exceed your license limits.

To access virtual machine settings

  1. Open XenCenter.
  2. Select your FortiGate VM in the left pane.

The tabs in the right pane provide access to the virtual hardware configuration. The Console tab provides access to the FortiGate console.

  1. To set the number of CPUs
  2. In the XenCenter left pane, right-click the FortiGate VM and select Properties. The Properties window opens.
  3. In the left pane, select CPU.
  4. Adjust Number of CPUs and then select OK.

Configure virtual hardware

XenCenter will warn if you select more CPUs than the Xen host computer contains. Such a configuration might reduce performance.

To set memory size

  1. In the XenCenter left pane, select the FortiGate VM.
  2. In the right pane, select the Memory
  3. Select Edit, modify the value in the Set a fixed memory of field and select OK.

Configuring disk storage

By default the FortiGate VM data disk 30GB. You will probably want to increase this. Disk resizing must be done before you start the VM for the first time.

To resize the FortiGate data disk

  1. In the XenCenter left pane, select the FortiGate VM.
  2. Select the Storage Select Hard disk 2 (the 30GB drive), then select Properties.

The ‘Hard disk 2’ Properties window opens.

Configure virtual hardware

  1. Select Size and Location. Adjust Size and select OK.

 

Set FortiGate VM port1 IP address

This entry was posted in Administration Guides, FortiGate on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.