Sunday, May 14, 2017

Initial Connectivity to FortiGate in EVE / UNL (FortiGate-VM64-KVM)

You can use FortiGate-VM64-KVM image in EVE for lab use. Upload it to your EVE machine's qemu folder as usual qemu image and create a new lab.

Following are the settings of my EVE machine which runs in VMware Workstation.

The important thing here is what I use as my 1st network adapter which I use to log into EVE machine. Typically you would also have the same. It's the NAT adapter.

Go to Edit > Virtual Network Editor to see the IP range assigned for your NAT adapter..

It's range. Actually you don't need to look this even. Because It's the IP range of your EVE machine is in. Ex:- My EVE machine is assigned with

But if you are using some other VMnet ex:- VMNet1 which is the Host-only adapter, you would have to see this to define the IP address you are going to assign to your Fortigate..

This is for the basic access. In actual hardware, we have several dedicated ports for Management, HA, WAN, LAN etc. We don't have such ports here. All are just equal type ports and by default there will be 4 ports. Of course you can add many as you want later..

Select the Fortigate from menu and wire it up with Cloud 0 connection.
To add a Cloud 0 connection right click on work space and go to Networks.

Cloud 0 is directly connected to the 1st NIC (VMNet8 - NAT adapter in my case).

Now start the FortiGate and use your SSH client to access the terminal..

Default username is admin and there is no password.. Just hit enter, you will go to the privilege mode.

View the IP address in interfaces by following command; do not hit enter at the end of the command, just hit ? and the summary will be displayed..
FortiGate-VM64-KVM # show system interface ?

As you can see, there is no IP address assigned to any port. In actual hardware you will see the management interface which is with a factory assigned IP address..
Here you have to give it manually..

Hit following commands to set the IP for the port 1 which is connected to Cloud 0 (NAT adapter)..
FortiGate-VM64-KVM # config system interface 
FortiGate-VM64-KVM (interface) # edit port1 
FortiGate-VM64-KVM (port1) # set ip

Now view the interfaces again..
FortiGate-VM64-KVM # show system interface ?
Now you can see it is assigned. You should be able to ping it from your Windows command prompt from now on.. (If you also used NAT adapter like I did..)

Now go to a web browser and type (or the IP you gave to your Forti) on URL field and hit enter..

Name is admin and enter without password.. Now you have your FortiGate working..
(click on the images to view in full size)

2 comments to “Initial Connectivity to FortiGate in EVE / UNL (FortiGate-VM64-KVM)”

  • August 4, 2017 at 7:55 AM
    Anonymous says:

    Hi there, I enjoy reading through your article post.
    I wanted to write a little comment to support you.

    Here is my web site :: read me

  • November 14, 2017 at 9:10 PM
    Anonymous says:

    Awesome blog you have here but I was curious if you knew of any discussion boards that cover the same topics talked about here?
    I'd really like to be a part of online community where I can get feed-back from other knowledgeable
    people that share the same interest. If
    you have any suggestions, please let me know. Kudos!


Post a Comment