At a high level, you will need to deploy the device on Azure and then configure the internal “guts” of the device to allow it to route traffic properly on your Virtual Network (VNet) in Azure.
This is more of a reflection of the steps I took rather than a guide, but you can use the information below as you see fit.
From the PC, start the remote desktop client by specifying FortiGate A’s public IP address.Here is a recap of some of the reflections I have with deploying Fortinet's FortiGate appliance on Azure. Do not forget to make the same port forwarding configuration on FortiGate B as in the previous steps. You should still be able to access the Windows Server through FortiGate B. This IP address is what you specified in the load balancing rule as the frontend IP address. From your PC, start the remote desktop client by specifying the public IP address previously assigned to FortiGate A. Verify your management GUI access to FortiGate A does not work after shutdown. If only FortiGate B is found to be alive, the Azure load balancer passes incoming traffic only to FortiGate B. When one FortiGate is shut down, the Azure HA set shows the status as the following:. It may take a few minutes to completely shut down. Test the failover case by shutting down FortiGate A. At this stage, you know that at least FortiGate A’s port forwarding works as expected. If you can see the Windows desktop, this means FortiGate A’s firewall policy for RDP port forwarding is working as expected. From the PC, start the remote desktop client by specifying FortiGate A’s public IP address. Session persistence: to learn about this option, click the information symbol. Backend pool: by default, there is only one value consisting of the two FortiGate instances. Backend port: 3389 for RDP port listening on the Windows Server. Port: 3389 for an RDP request made by your remote desktop application. In this example, let’s choose the one associated with FortiGate A. Frontend IP address: choose from the two available values. 
Click Add to create a new load balancing rule. Locate the Azure load balancer, then click Load balancing rules. This is the most crucial configuration to ensure the HA setup functions. Use case: High availability for FortiGate on Azure (Failover test) Creating load balancing rules and accessing the Windows server via Remote Desktop (Use case) Setting up a Windows server in the protected networkĬonfiguring FortiGate firewall policies and virtual IPs Locating FortiGate HA for Azure in the Azure portal or marketplaceĬreating the VNet and subnets in network settings Installing the FortiGate license (BYOL only)ĭeploying and Configuring Azure Load-Balancing HA Use case: High availability for FortiGate on Azure | FortiGate Public Cloud 6.0.0 | Fortinet Documentation Libraryĭeploying and configuring active-passive HA
0 kommentar(er)
