Sunday, May 14, 2017

Initial Connectivity to FortiGate in EVE / UNL (FortiGate-VM64-KVM)

You can use FortiGate-VM64-KVM image in EVE for lab use. Upload it to your EVE machine's qemu folder as usual qemu image and create a new lab.

Following are the settings of my EVE machine which runs in VMware Workstation.























The important thing here is what I use as my 1st network adapter which I use to log into EVE machine. Typically you would also have the same. It's the NAT adapter.

Go to Edit > Virtual Network Editor to see the IP range assigned for your NAT adapter..










It's 10.1.1.0/24 range. Actually you don't need to look this even. Because It's the IP range of your EVE machine is in. Ex:- My EVE machine is assigned with 10.1.1.200

But if you are using some other VMnet ex:- VMNet1 which is the Host-only adapter, you would have to see this to define the IP address you are going to assign to your Fortigate..

This is for the basic access. In actual hardware, we have several dedicated ports for Management, HA, WAN, LAN etc. We don't have such ports here. All are just equal type ports and by default there will be 4 ports. Of course you can add many as you want later..


Select the Fortigate from menu and wire it up with Cloud 0 connection.
To add a Cloud 0 connection right click on work space and go to Networks.

Cloud 0 is directly connected to the 1st NIC (VMNet8 - NAT adapter in my case).

Now start the FortiGate and use your SSH client to access the terminal..


Default username is admin and there is no password.. Just hit enter, you will go to the privilege mode.







View the IP address in interfaces by following command; do not hit enter at the end of the command, just hit ? and the summary will be displayed..
FortiGate-VM64-KVM # show system interface ?

As you can see, there is no IP address assigned to any port. In actual hardware you will see the management interface which is with a factory assigned IP address..
Here you have to give it manually..

Hit following commands to set the IP for the port 1 which is connected to Cloud 0 (NAT adapter)..
FortiGate-VM64-KVM # config system interface 
FortiGate-VM64-KVM (interface) # edit port1 
FortiGate-VM64-KVM (port1) # set ip 10.1.1.50/24

Now view the interfaces again..
FortiGate-VM64-KVM # show system interface ?
Now you can see it is assigned. You should be able to ping it from your Windows command prompt from now on.. (If you also used NAT adapter like I did..)


Now go to a web browser and type 10.1.1.50 (or the IP you gave to your Forti) on URL field and hit enter..

Name is admin and enter without password.. Now you have your FortiGate working..
(click on the images to view in full size)










1 comments:

  • August 4, 2017 at 7:55 AM
    Anonymous says:

    Hi there, I enjoy reading through your article post.
    I wanted to write a little comment to support you.

    Here is my web site :: read me

    delete

Post a Comment