- Fortigate in GNS3 - HOW TO. I'm working on my NSE4 certification and up until this week was getting very frustrated with trying to build a decent lab with Fortigate. I took a few hours and finally believe I have this working so figure I'd share.
- Learn How to Add Cisco Cloud Service Router CSR1000v to Eve-ng. Cisco Cloud Service Router CSR1000v is widely used in CCIE Labs and Cloud enterprise platforms like AWS, Azure and much more.
Fortinet is a reputed brand in the network security field. Moreover, every network engineer wants to learn it. But it’s not easy to get access to a running firewall for a newbie. But, no one will give you a brand new firewall for your R&D if it is not purchased by you. As a result, you will practice it and master it on GNS3 firewall virtualization. Therefore, Technibas brings this tutorial “Fortinet firewall 6.4 on GNS3”.
Why this tutorial
Introduction to Fortinet and Fortigate Firewalls - Implement Redundant Fortinet NGFW Solution - Deploy Fortinet Site-to-Site VPNs. W/ Cisco ASA VPN Included - Deploy Fortinet Remote Access (RA) VPNs - Build your Own Networking Learning Environment on GNS3.
So, here I will show you how to integrate Fortinet firewall 6.4 on GNS3 and basic firewall configuration. In addition, I assume that you have already installed the latest version of GNS3 on your PC. Similarly, If you have not yet installed it then you can follow my GNS3 installation tutorial.
Required files for installation
At first, to download this file you need a Forticloud account and make sure you download the KVM (FOS_VM64_KVM-v6-build1778-FORTINET.out.kvm.zip) version.
- Now open gns3 and navigate all devices and click new template.
2. Select Install an application from the GNS3 server(recommended).
3. Filter Firewall then click on FortiGate and hit the install button.
4. Select Install the appliance on GNS3 VM (recommended) and hit next. Make sure your GNS3 VM server is already configured.
5. Most importantly, in the Required files window for Fortinet 6.4.3, you need to click the create a new version button and create an appliance. Now click the Fortigate 6.4 and import the fortios.qcow2 and empty30G.qcow2.
6. It is almost done now you can follow the screen instruction and finish.
- At first, open a new blank project from file menu, then drag the newly installed Fortigate 6.4 from all device section and start the device.
- Right-click on Fortigate and open the console window, here you can see fortiOS first time booting processes. As a matter of fact, it takes a few minutes depending on your PC configuration.
3. Now log in to the firewall by default user id admin and a blank password. Here the firewall prompts you for a new password, set a suitable password on your own. Boom! now you can access the firewall.
Connect Fortinet to PC
- Firstly, drag Cloud on your project area and choose local server. Then right-click and configure it.
- Subsequently, in the cloud configuration window select your pc LAN interface and add it. Now connect it to a firewall port.
3. In your firewall console write the below command to set IP address (set same desktop subnet IP ).
- config system interface
- edit port9
- set mode static
- set ip 192.168.1.200/24
- set allowaccess ping https http telnet ssh
4. Now open any browser and write the given IP address and hit enter. It opens your FortiGate in GUI.
5. As you wish, Set the hostname and continue.
Connecting to the internet
- For reaching the internet you are setting up a static route in your Firewall.
- Click Network then select Static Route and hit Create New.
- Set Destination 0.0.0.0/0 Gateway Address as your desktop internet gateway and Interface section set connected firewall port.
4. Now from cli execute ping 184.108.40.206 or any wan IP or DNS you will see the ping reply.
That’s all for this article, here we learn how to install Fortinet firewall 6.4 on gns3 and how to configure it. In the next article, I will describe how to configure other stuff in Fortinet. Further, if you have any problem you can follow Technibas YouTube channel where you can see this article in video format. Lastly, you can comment for any queries and request new network and firewall related articles.
Hello, in this detailed guide i will show you how to add Fortigate to GNS3, how to do basic network configuration for the machines, and how to access FortiGate through CLI (Command-Line) and web.
• GNS3 (V 2.0.3) & GNS3 VM (Or above)
• Download FortiGate appliance from Here
• Download FortiGate 5.6 Image from Here
• Download Tiny Linux Firefox Appliance from Here
• Download Tiny Linux Firefox Image from Here
Import Appliances & Images
Start a new blank project, click File > Import Appliance, then choose the FortiGate appliance file (.gns3a)
Click Next, then choose 'Run the appliance on the GNS3 VM(recommended)' option, after GNS3 verify the VM requirements to run the appliance, click Next.
Click on Refresh, a list of all the required FortiGate files will appear like the following
In your case all the files will be missing. For this guide i will be using FortiGate 5.6.1.
Under FortiGate 5.6.1 on the list, click on FGT_VM64_KVM-v5-build1484....., then import, then choose the file extracted from the FortiGate Image.
Note: In order for FortiGate to operate, it needs an empty harddisk
The harddisk can be created using linux tool called 'qemu-img' using the following command:
or you can download the file from Here .
To import the harddisk into GNS click on empty30G.qcow2 under FortiGate 5.6.1 on the list, then import and choose the harddisk file.
After adding the two files they will be ready to install, click on Next, then choose /usr/bin/qemu-system-x86_64 (v2.5.0) for Qemu binary, then click Next, Next, Finish.
FortiGate will appear on Security Devices Tab
To import Tiny Linux Firefox, Click File >>> Import Appliance >>> Choose the Tiny Linux Firefox Appliance file >>> Click Next >>> Under Firefox 31.1.1~2 click on linux-tinycore-linux-6.4...... then import >>> choose the Tiny Linux Firefox image file >>> Click Next >>> choose /usr/bin/qemu-system-i386 (v2.5.0) for Qemu binary >>> Click Next, Next, Finish.
Firefox will appear in the End Devices tab.
Network Topology & Configuration
For this guide i will configure a very basic network topology.
Right-Click on FortiGate, then click on Console to access the CLI. The username is 'admin' and blank password.
To set IP on port 1 run the following commands.
Tiny Linux Firefox Configuration
Right-Click then choose console, a GUI will appear.
open a terminal and run 'ifconfig' to check for network interfaces. in my case i will configure interface 'eth0'. Run the following commands to set an IP.
To open Fortigate through web, click on Firefox and type your default gateway IP in the URL bar. Enter username 'admin' and empty password
Gns3 Appliance Missing Files
Finally, the portal will open and you should see the following
Fortigate Firewall Download
I hope that this will help you in configuring FortiGate inside GNS3.