How to deploy FortiGate Firewall in VMWare Workstation

Like this article! Share via

Hi Guys! In this article, we will discuss how you can deploy the FortiGate Virtual Firewall in VMWare Workstation. You must have to download FortiGate virtual Firewall ovf file from your Fortinet support portal. In this scenario, we will configure the Virtual FortiGate Firewall in Linux as well as Windows environment. Before starting, it’s required you have a minimum of 4GB of RAM with i5 or i7 processor. So, let’s start!

Also Read: How to deploy FortiGate VM Firewall in GNS3

how-to-deploy-fortigate-vm-firewall-on-vmware-workstation

 

Step 1: Download FortiGate Virtual Firewall

First of all, you have to download your virtual FortiGate Firewall from your support portal. To do this, visit here, and go to Download > VM Images > Select Product: FortiGate > Select Platform: VMWare ESXi as per the given reference image below. By default, you did ‘t get any license associated with your virtual image. So, you have to buy the licenses as per your requirements.

how-to-download-fortigate-vm-firewall

Image Source: Fortinet

After downloading, FortiGate VM Compressed file, you need to extract the files in a folder. Just use your Extract tool to extract the zip file and it looks like the below image.

Must Read :  How to deploy Palo Alto Firewall directly in GNS3

fortigate-vm-firewall-download

Step 2: Download and Install VMWare Workstation

After downloading the Virtual Firewall image, you must have to download and install VMWare Workstation. If you already installed, just skip this step. To download VMWare Workstation, visit the official website VMWare Workstation or download it from filehippo. By default, you get 30 days evaluation period, after that, you can purchase it. Once you have installed it, it will be looks like the below image:

how-to-install-vmware-workstation-step-by-step-guide

Step 3: Configuring your Virtual Network Interfaces for FortiGate Firewall

Now, it’s time to configure your Virtual Network Adaptors as per your requirements. By default, there are only two virtual network interfaces, i.e., VMNet1 and VMNet8. So, click on Windows Start Button and search for Virtual Network Editor. If you are using Linux (i.e. Ubuntu, Mint, etc.) you can type below command to open Virtual Network Editor. Click on the Add Network and make your virtual interface host only. After that, you have to provide the IP address. For example, I  am going to use 192.168.100.0/24 for the vmnet1 interface.

sudo vmware-netcfg

how-to-configure-vmware-workstation

Step 4: Deploying the FortiGate VM Image in VMWare Workstation

Now time to deploy FortiGate virtual firewall in VMWare Workstation. Just open the VMWare Workstation and go to Files >> Open (Ctrl+O). Select the ovf file you have download from the support portal. This process will take some time, so have patience. After the successful completion of this process, just modify the assigned virtual network interfaces, memory, and processor. In my case, I’m giving 2GB RAM, 2 Processors, and 4 different virtual network interfaces (VMNet1, VMNet2, VMNet3, VMNet4). Let’s change the Firewall resources by clicking on Edit virtual machine settings. You can check the below images for reference.

Must Read :  The Complete Guide to Network Firewall 2020

how-to-setup-fortigate-firewall-in-vmware

fortigate-firewall-in-vmware-workstation

Step 5: Configuring the Management Interface of FortiGate VM Firewall

Now, we have just finished the process of deploying the FortiGate firewall in VMWare Workstation. Now you have to configure an IP address to the Management Port. The first virtual interface will be the management interface. So, assign an IP address in the same range as we assigned in Step 3. This is the first look when you press the power-on button.

how-to-start-fortigate-firewall-vm

Hint: The default username is admin and password is [blank].

To assign the IP address, you have to follow given commands:

config system interface
edit port1
set ip 192.168.100.200  255.255.255.0
set allowaccess https ping ssh
end

how-to-set-management-ip-in-fortigate-firewall

Step 6: Accessing the FortiGate VM Firewall using GUI (Graphical User Interface)

Now, it’s time to testing our configuration and accessing the FortiGate firewall using GUI. To do this, first, we will check the connectivity to our Firewall using the ping utility. After this, we will access the FortiGate Firewall GUI using its management interface IP address.

test_the_configuration_of_fortigate_Firewall_using_ping_utility

certification_error_while_accessing_fortigate_firewall

Default username is admin and password is [blank].

fortigate-vm-default-login-credentials

 

Related Articles

Summary

In this article, we have discussed how we can deploy the FortiGate Virtual Firewall in VMWare workstation. It is required that you have a minimum of 4 GB of RAM and i5 or i7 processor to deploy FortiGate in VMWare. If you have any difficulties in deploying the firewall in VMware, you can comment in the comment box!

Did you found this article helpful? Please comment your views in the comment box!

Like this article! Share via

8 Comments

  1. how to fix Access to 192.168.189.110 was denied
    You don’t have authorization to view this page.
    HTTP ERROR 403

    1. Please allow the HTTP access to that particular interface. You just need to use below command:

      “set allowaccess http https ping ssh”. Please Let me know if this not fix your problem.

  2. You don’t have authorization to view this page.
    HTTP ERROR 403. Allowd http https ping ssh telnet. Able to ping but able to do ssh or http or https

    1. Hi Praveen, by default, an HTTPS certificate prevents you to take GUI of the firewall. As you already allowed the HTTP, first try to open the FG Firewall using http:// in private/guest window. Second, make sure you get ping response as ttl 255 or 254. If you receive a ping from any other value, maybe you configured this IP on different devices/appliance.

      Please let me know if you still getting the issue.

Leave a Reply

Your email address will not be published. Required fields are marked *