FortiGate appliance in VMWare Workstation

Fortinet vm available in Xen, HyperV, KVM version too.
FortiGate VM includes a limited embedded 15-day trial license if you run in VMWare Workstation and 75 days in ESXi that supports:
• 1 CPU maximum
• 1024 MB memory maximum
• low encryption only (no HTTPS administrative access)
• all features except FortiGuard updates
You cannot upgrade the firmware, doing so will lock the Web-based Manager until a license is
uploaded. Technical support is not included. The trial period begins the first time you start
-Check VMware vmnet number
click Start/Search/Network and Sharing Center
click Change adapter settings
right click View/Details
check VMnet port, below is VMnet1
22-Feb 15.33.53
change its ip to 192.168.1.2/24
Image
-Change Virtual Network Editor
open VMware Workstation
open menu Edit/Virtual Network Editor
click Change Settings
follow like this
Image
-download and install WIN7 vm with nic setting
Image
Set its ip address to 192.168.1.101

-download and extract FGT_VM64-v500-build0228-FORTINET.out.ovf.zip from

-open VMWare Workstation and click File/Open FortiGate-VM64.ovf
Set nic 1 to
Image
Set nic 2 to
Image
Set nic 3 till 10 to
Image
-login as admin without password
FortiGate-VM64 login:
Password:
#config system interface
interface#edit port1
port1#set ip 192.168.1.1/24
port1#set allowaccess ping https ssh http fgfm snmp
port1#set alias “LAN”
port1#next
interface#edit port2
port2#set ip 10.0.0.251/24
port2#set allowaccess ping
port2#set alias “WAN1”
port2#end
#config router static
#edit 1
#set gateway 10.0.0.1
#set device port2
#end
#config system dns
#set primary 8.8.8.8
#set secondary 8.8.4.4
#set domain “poc.com”
#set fwdintf “internal”
#config system ntp
config ntpserver
edit 1
set server “pool.ntp.org”
next
end
set ntpsync enable
set syncinterval 60
#end
#config system dhcp server
edit “internal_dhcp_server”
set default-gateway 192.168.1.1
set dns-server1 8.8.8.8
set dns-server2 8.8.4.4
set domain “poc.com”
set end-ip 192.168.1.200
set interface “internal”
set netmask 255.255.255.0
set start-ip 192.168.1.101
next
#end
#config firewall policy
edit 1
set srcintf “internal”
set dstintf “wan1”
set srcaddr “all”
set dstaddr “all”
set action accept
set schedule “always”
set service “ANY”
set nat enable
next
#end
#config router static
edit 1
set device “wan1”
set gateway 10.0.0.1
next
#end
#config system global
#set hostname FortiGate64
#set timezone 53
#set admin-ssh-grace-time 300
#set admin-lockout-duration 300
#set admin-lockout-threshold 1
if you didn’t specify admin-lockout-threshold, then you have maximum 3 attempts to login correctly
#config system admin
#edit admin
#set password newpassword
#end
#show system interface
#execute update-now
#execute cfg save
Now open putty from WIN7 and ssh to 192.168.1.1
login as: admin
FortiGate-VM64 #
or from WIN7, because we can’t use https in trial mode, we need to open web gui using http://192.168.1.1
Use trusted hosts to limit where administrators can log into the FortiGate unit from
1 Go to System > Admin > Administrators and Edit an administrator.
2 Select Restrict this Admin Login from Trusted Hosts Only.
3 Enter the Trusted Host IP addresses.
Advertisements

4 thoughts on “FortiGate appliance in VMWare Workstation

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s