Forum Discussion

hamma91
Brass Contributor
Dec 03, 2021

Add a new VNet to the FortiGate on Azure

Hello

With Fortigate I now have one virtual network (subnet inside / outside).

I want to add a new virtual network and integrate it with the Fortigate. How do I do that configuration?

  • ibnmbodji
    Steel Contributor

    hamma91 

     

    Hello

    - Create a route table and associate it with all subnets of your virtual network (if you want to redirect the traffic for all subnets; otherwise you can exclude one or more of them)

    - Create a user-defined route with the following config

         - Name: Friendly Name (ex: To_Firewall)

         - Address prefix: 0.0.0.0/0

         - Next Hop type: Virtual Appliance

         - Next Hop IP address: Private IP of your virtual appliance (here the Fortinet)

    In the Fortinet virtual appliance config

    - create the objects for the virtual network or subnets

    - create rules for the traffic that fit your needs
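A check on the route-table steps above, as an added example that is not part of the original posts: it flags subnets whose default route does not reach the firewall, while honouring deliberately excluded subnets. The data is constructed; the route-table names, subnet names and IP addresses are assumptions.

```python
# Added example with constructed data. Route fields use Azure's route property
# names; the dict layout, names and IP addresses are assumptions.
FIREWALL_IP = "10.0.2.4"  # assumed private IP of the FortiGate internal port
ROUTE_TABLES = {
    "rt-ok": [{"name": "To_Firewall", "addressPrefix": "0.0.0.0/0",
               "nextHopType": "VirtualAppliance",
               "nextHopIpAddress": "10.0.2.4"}],
    "rt-wrong-ip": [{"name": "To_Firewall", "addressPrefix": "0.0.0.0/0",
                     "nextHopType": "VirtualAppliance",
                     "nextHopIpAddress": "10.0.2.40"}],
    "rt-internet": [{"name": "Default", "addressPrefix": "0.0.0.0/0",
                     "nextHopType": "Internet"}],
    "rt-partial": [{"name": "OnPrem", "addressPrefix": "192.168.0.0/16",
                    "nextHopType": "VirtualAppliance",
                    "nextHopIpAddress": "10.0.2.4"}],
}
# Subnet -> associated route table (None means no association).
SUBNETS = {"vnet2/app": "rt-ok", "vnet2/web": "rt-wrong-ip",
           "vnet2/mgmt": "rt-internet", "vnet2/db": None,
           "vnet2/batch": "rt-partial", "vnet2/bastion": None}


def check_subnet(route_table, firewall_ip):
    """Return None if the default route points at the firewall, else a reason."""
    if route_table is None:
        return "no route table associated"
    route = next((r for r in route_table if r["addressPrefix"] == "0.0.0.0/0"), None)
    if route is None:
        return "no 0.0.0.0/0 route"
    if route["nextHopType"] != "VirtualAppliance":
        return "next hop type is " + route["nextHopType"]
    if route.get("nextHopIpAddress") != firewall_ip:
        return "next hop IP is " + str(route.get("nextHopIpAddress"))
    return None


def audit(subnets, route_tables, firewall_ip, excluded=()):
    """Map each non-excluded subnet that bypasses the firewall to the reason."""
    findings = {}
    for subnet, rt_name in subnets.items():
        if subnet in excluded:
            continue  # deliberately left out of redirection
        reason = check_subnet(route_tables.get(rt_name), firewall_ip)
        if reason:
            findings[subnet] = reason
    return findings

if __name__ == "__main__":
    print(audit(SUBNETS, ROUTE_TABLES, FIREWALL_IP, excluded={"vnet2/bastion"}))
```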

     

    • hamma91
      Brass Contributor

      ibnmbodji thank you for your reply

      I create the RT.

      In the firewall, I have by default my two ports:

      port 1: for external and port 2: for internal ===> for the first VNet (not the new one).

      To configure the new subnet on my firewall, which interface must I use?

      *** I create the address (object) of my new subnet on the firewall.

      • ibnmbodji
        Steel Contributor

        hamma91 

         

        You create a rule for inside and a rule for outside, like the ones in the screenshots.

        Disclaimer: this is only for testing the traffic; in prod you should have very restrictive policies.
