App360 User Guide

When the FortiGate plugin enabled, App360 can manage interfaces and firewall policies of FortiOS. This user guide will cover sections below:

• Provision FortiGate VM from virtual appliance
• Connect an internal network to FortiGate
• Manage firewall policies

Part 1 will covers the setup process as following:

• Download the official virtual appliance from https://support.fortinet.com
• Import the KVM VM template to OpenStack
• Provision the virtual appliance
• Enter remote console to configure management interface and admin password

The initial config we will apply to FortiGate is:

config system interface
  edit port1
    set mode dhcp
    set allowaccess ssh https
    set mtu-override enable
    set mtu 1000
  end
config system admin
  edit admin
    set password Password
  end

Connect an internal network to FortiGate

Now we have a functional FortiGate server. However only 1 NIC is not enough, in this step we will add one more NIC to the FortiGate and configure it to obtains IP from DHCP server.

Manage firewall policies

This section we will configure FortiGate as the virtual firewall between two networks. We will start by deploying a db server in internal network and a web server in external network. The web server will has a route so it can talk to internal network thru the FortiGate. At the beginning, ping test failed with packet loss since FortiGate drops all packets by default. A workflow will be setup then to make the packet go thru.