Deploying FortiMail-VM virtual appliance in Microsoft Azure

Facebooktwittergoogle_plusredditpinterestlinkedinFacebooktwittergoogle_plusredditpinterestlinkedin

The FortiMail Security Email Gateway for Microsoft Azure is deployed as a virtual appliance in Microsoft Azure cloud (IaaS). This recipe shows you how to install and configure a single instance FortiMail-VM virtual appliance in Microsoft Azure.

1. Registering and downloading your license

If you’re deploying a FortiMail-VM in the Microsoft Azure marketplace, you must obtain a license to activate it. FortiMail-VM for Microsoft Azure supports a bring-your-own-license (BYOL) licensing model.

Licenses can be obtained through any Fortinet partner. If you don’t have a partner, contact azure@fortinet.com for assistance in purchasing a license.

After you purchase a license or obtain an evaluation license (60-day term), you will receive a PDF with an activation code. 

Go to https://support.fortinet.com/ and either create a new account or log in with an existing account. 

Go to Asset > Register/Renew to start the registration process.

In the Specify Registration Code field, enter your license activation code and select Next to continue registering the product. Enter your details in the other fields.

 

At the end of the registration process, download the license (.lic) file for your FortiMail-VM.

After registering a license, Fortinet servers may take up to 30 minutes to fully recognize the new license. When you upload the license (.lic) file to activate the FortiMail-VM (in step 3), if you get an error that the license is invalid, wait 30 minutes and try again.

2. Creating a FortiMail-VM

Log in to the Microsoft Azure Portal and select + New

Search for Fortinet FortiMail Security Email Gateway and select it from the search results.

 

Under Select a deployment model, ensure that Resource Manager is selected. Select Create.

In the Basics section, set a FortiMail-VM name in the FortiMail virtual appliance name field. 

Set a FortiMail administrative username. This name can’t be admin or root.

Choose a FortiMail password for the new account and confirm the password. For security reasons, it’s not possible to reset this password through the Microsoft Azure portal, so make sure that you remember the password.

Select the appropriate Subscription from the drop-down list. You may have only one option here.

Create a new Resource group. Currently, it’s not possible to select an existing resource group for a Microsoft Azure Marketplace template set.

Set a Location for the VM.

Select OK.

The Network and Storage Settings and FortiMail IP address assignment sections contain FortiMail-VM settings that are optional, except for the virtual machine size and storage account, as explained below. Since you’re deploying the FortiMail-VM as a single instance on its own, you shouldn’t need to change the default values. 

Select Virtual machine size and select the appropriate VM size for your deployment.

Select Storage account and choose an existing storage account or create a new one.

To accept the Network and Storage Settings values, select OK.

To accept the FortiMail IP address assignment settings, select OK.

 

If your deployment model involves co-locating pre-existing resource group components such as storage, virtual network, subnet, public IP address, network security group, or availability set, you may need to modify these settings to fit into an existing topology. For more information about advanced deployments of cooperative products, see the Fortinet documentation.

Wait for validation to pass, then select OK.

 

Select Purchase to buy the FortiMail-VM instance from Microsoft Azure. 

Once the FortiMail-VM is deployed, you will see a “Deployment succeeded” message.

 

3. Connecting to the FortiMail-VM

To connect to the FortiMail-VM, you must find its public IP address. There are a number of ways to do this. One way is to select Virtual machines on the left bar and select the FortiMail-VM you created. Under Essentials, you will see the public IP address of the FortiMail-VM in the Public IP address field. 

Connect to the FortiMail-VM using your browser and the FortiMail-VM IP address. Log in to the FortiMail-VM with the FortiMail administrative username and FortiMail password that you configured above.  

Upload your license (.lic) file to activate the FortiMail-VM. Restart the FortiMail-VM and log in again.

After you log in, you will see that the license has been uploaded. You need to wait for authentication with the registration servers. This can take up to 15 minutes.

Select Return.

You will now see the FortiMail-VM dashboard.

 

 

Karyn Jacobs

Technical Writer at Fortinet
Karyn Jacobs is a technical writer on the FortiOS Technical Documentation team. She has a B.A.H. in English and a B.Ed. from Queen’s University, and has worked as a technical writer for the past 20 years at various high tech companies.
  • Was this helpful?
  • Yes   No
This must be a complex password containing three of the following types of characters: numbers, capital letters, lowercase letters, and special characters.