FortiGate VM Deployment example – VMware

Deployment example – VMware

Once you have downloaded the FGT_VMxx-v5-build0xxx-FORTINET.out.ovf.zip file from http://support.fortinet.com and extracted the package contents to a folder on your local computer, you can use the vSphere client to create the virtual machine from the deployment package OVF template.

The following topics are included in this section:

Open the FortiGate VM OVF file with the vSphere client

Configure FortiGate VM hardware settings

Open the FortiGate VM OVF file with the vSphere client

To deploy the FortiGate VM OVF template:

  1. Launch the VMware vSphere client, enter the IP address or host name of your server, enter your user name and password and select Login.

The vSphere client home page opens.

  1. Select File > Deploy OVF Template to launch the OVF Template wizard.

 

Open the                    OVF file with the vSphere client

Source page opens.

  1. Select the source location of the OVF file. Select Browse and locate the OVF file on your computer. Select Next to continue.

The OVF Template Details page opens.

  1. Verify the OVF template details. This page details the product name, download size, size on disk, and description. Select Next to continue.

End User License Agreement page opens.

  1. Read the end user license agreement for FortiGate VM. Select Accept and then select Next to continue.

Open the                    OVF file with the vSphere client

Name and Location page opens.

  1. Enter a name for this OVF template. The name can contain up to 80 characters and it must be unique within the inventory folder. Select Next to continue.

Disk Format page opens.

  1. Select one of the following:
  • Thick Provision Lazy Zeroed: Allocates the disk space statically (no other volumes can take the space), but does not write zeros to the blocks until the first write takes place to that block during runtime (which includes a full disk format).
  • Thick Provision Eager Zeroed: Allocates the disk space statically (no other volumes can take the space), and writes zeros to all the blocks.
  • Thin Provision: Allocates the disk space only when a write occurs to a block, but the total volume size is

reported by VMFS to the OS. Other volumes can take the remaining space. This allows you to float space between your servers, and expand your storage when your size monitoring indicates there is a problem. Note that once a Thin Provisioned block is allocated, it remains on the volume regardless if you have deleted data, etc.

  1. Select Next to continue.

The OVF Template Network Mapping page opens.

 

Configure                       hardware settings

  1. Map the networks used in this OVF template to networks in your inventory. Network 1 maps to port1 of the FortiGate VM. You must set the destination network for this entry to access the device console. Select Next to continue.

The OVF Template Ready to Complete page opens.

  1. Review the template configuration. Make sure that Power on after deployment is not enabled. You might need to configure the FortiGate VM hardware settings prior to powering on the FortiGate VM.
  2. Select Finish to deploy the OVF template. You will receive a Deployment Completed Successfully dialog box once the FortiGate VM OVF template wizard has finished.

Configure FortiGate VM hardware settings

Before powering on your FortiGate VM you must configure the virtual memory, virtual CPU, and virtual disk configuration to match your FortiGate VM license.

Configure FortiGate VM hardware settings

Configure                       hardware settings                                                   Transparent mode VMware configuration

This entry was posted in Administration Guides, FortiGate on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.