Chapter 10. Cloud Technologies
10.5 Deploy FortiGate in AWS
Learning Objectives
- Create a VPC, public and private subnet, internet gateway, route tables
- Create a FortiGate firewall in AWS through Marketplace
- Identify FortiGate subnets in AWS
Scenario: In this lab, we’ll learn how to deploy FortiGate in AWS.
AWS Configuration
- Create a VPC.
- Create a subnet.
- Create an internet gateway.
- Create a new Public RouteBy default, name of the “built-in route” is “-”. Rename it to Private Route.
Go to Route tables > create route table.
- Create Key Pair. Go to EC2 – Key Pairs > Create Key Pair.
- Create Instances. Go to EC2 – Instances > Launch instances.
- Add a new private subnet interface.
- Disable Source and Destination check on both FG Private and Public Subnet.
- Edit private route table.
- Verify Public and Private IP address of FG.
- Accessing FortiGate on AWS.Type the IP address in the browser. You should be able to see the FortiGate credentials page. Enter your username and password to login to the firewall.
You should set port1 and port2 as DHCP client to receive an IP address from External and LAN subnet. Port1 is belong to External subnet or the internet and port2 is belong to the LAN.
| Subnet | Description |
|---|---|
| Port1 | External subnet used to connect the FortiGate-VM to the internet. |
| Port2 | LAN subnet used to deploy services. |