How to make your own Fortigate VM setup for home Lab

Facebooktwittergoogle_plusredditpinterestlinkedinmail
  • First what are requirement for Fortigate VM installation.
  • What might be the Possible Problems Encounter during Fortigate vm Installation.
  • And Procedures on how to install the Fortigate VM on VMware Workstation.

Virtual Fortigate installation using VMware Workstation

The Fortigate Firewall, Fortinet’s Next generation firewall series. Like most other security platform today now have Virtualization option. For us who wants to have a demo lab right on our desktop computer we may utilize the Fortigate vm trail version. On this page, we will share the steps to initialize the virtual Fortigate using the VMware Workstation until we are able to access into the browser using http. I will share some problems i have encounter during this process

 

Fortigate VM Installation Requirements

Though Fortigate support other Hypervisor on this demo I will use the VMware Workstation. What I use specifically is the VMware® Workstation 9.0.0 build-812388

On the Vmware workstation, Fortigate system requirement will limit us to only 1CPU and 1G memory for the trail version. For a home lab using a laptop this should be just fine until you will need to deploy the Fotigate system to a actual live network, then you will need to have the full paid version.

You will need a copy of the Fotigate OVA file which if you do not have access to the Fortigate support page for download, you may look for a Fortinet authorize Partner for a copy of the Fortigate trial version. What I have on this demo is FortiGate-VM64.hw04, which would run on the Fortigate’s latest firmware version 5.4. For those who are familiar with the previews Fortigate versions you will find that Fortinet change its navigation and theme.

 

Possible Problems Encounter during Fortigate vm Installation

“The Host Support Intel VT-x, but Intel VT-x is disabled” – ERROR may appear if you try to import the OVA, this happen if your Intel processor ether do not support the Virtualization or this feature is disabled where in on this case, you may restart your computer, enter the BIOS configuration and enable this features. If this is not present on the BIOS settings then your Intel processor may not support this.

Fortigate VM trial version is unlicensed and so only 15 days are given from the time it is first installed after which access will be denied until license key are purchase and entered. As alternative, instead of VM installation, You may request access to the Fortigate demo center which is hosted on the cloud were you may also access the same GUI of the Fortigate

 

Procedures to install the Fortigate VM on VMware Workstation

Assuming your computer have the VMware Workstation already installed and you also have downloaded the Fortigate OVA file then let’s get started.

  • VMware workstation: From the VMware workstation open the Fortigate OVA to import file then accept the license agreement. This will then import the OVA into your VMware workstation.

FortigateVMworkstation-Open     Open the OVA from the Vmware workstation : File – Open

FortigateVMworkstation-OVAImport

Select the OVA file, then import

FortigateVMworkstation-licenseAgreement

Accept the License Agreement

 

 

  • VMware workstation: Go to the link “Edit virtual machine setting”. Memory can only be set up to 1 Gb max for trial version. VMware workstation: Network adaptor set to custom and VMnet1, this is virtual adaptor that will connect your virtual Fortigate machine with the physical environment.

FortigateVMworkstation-powerOn

Press the Play button to start the Virtual Machine

 

  • VMware workstation: After setting up, you may now power on the Fortgate Vitual machine by pressing the power button. On the screen you will see the installation loading until it says “DONE”. After which at the end it will give you the access to login on command line.

 

  • Command Line Access: Login using the Fortigate default login. Username is admin and no password, just leave the password blank and it enter.
  • Command Line Access: Once login, next is to configure the system with basic setup like host name and LAN IP address to allow is to access the Fotigate using the browser for easier system configuration. For command line guidance you may enter question mark symbol “?”. You may also hit the tab key on the keyboard repeatable until you find your desire command. I have provided below the basic commands to provide the needed initial setup for our purpose.

 

Initial Fortigate Command line Configuration

 

Set Host name

FortigateVM64 # configure system global

FortigateVM64 # set hostname <hostname>  “example FortifateVM64

 

Set Initial access IP and port configuration

FortigateVM64 # config system interface

FortigateVM64 (Interface) # edit port1

FortigateVM64 (port1) # set ip <ip address/subnet>   “example 192.168.0.1/24”

FortigateVM64 (port1) # set allowance ping http fgfm

FortigateVM64 (port1) # set alias “LAN1”

FortigateVMworkstation-initialcmd

Open the command line to key-in the command

 

Other more advance settings can be configured on the GUI once Fortigate is accessible via browser. Configuration such as change login password, WAN, DHCP, Firewall Policy, etc.

 

  • Browser access: Once all the settings above are done, we should now be able to access the Fortigate though its browser via http (note that https access is not enable of the trial version) Open browser using assign IP address and enter using the default Username and no password same as on the CLI access

FortigateVMworkstation-browserlogin

Fortigate User Login page

Once login, Pop-up window will show that Fortigate VM installation is on evaluation mode and will update on the days remaining until expiration to which you have the option to enter the license key.

From this point on you may start playing around and navigating through its menus. For other settings and features you may refer to the Forigate official Cookbook for the VM installation Guide and FortiOS

Note however that since you dont have the Fortigate services such as the Anti Virus, Intrusion Prevention, Anti spam, and others,  all you can do are to practice navigating and check on common firewall policies.

 

 

One thought on “How to make your own Fortigate VM setup for home Lab

Leave a Reply