This recipe is part of the process of deploying FortiGate HA load-balancing for Microsoft Azure using Azure load balancer. See below for the rest of the recipes in this process:
- Basic concepts
- Traffic flow
- Azure load balancer
- Inbound NAT rules
- Load balancing rules
- Locate FortiGate HA for Azure in the Azure portal or Azure marketplace
- Determine your licensing model
- Configure FortiGate initial parameters
- Create VNet and subnets in network settings
- Select Azure instance type
- Assign Azure IP address
- Validate deployment resources
- Create FortiGate instances
- Connect to the FortiGate
- [Use case] Set up a Windows Server in the protected network
- Configure FortiGate firewall policies and virtual IPs
- [Failover test] Create load balancing rules and access the Windows Server via remote desktop
- In step 4, Summary, the validation process automatically runs to check if all configuration works.
If there is no problem, the validation is successful.
- Depending on your environment, there may be an error upon validation. If this occurs, resolve and start the deployment process again. Common errors are listed in the table below:
Resolution Resource usage upper limit is reached Create an Azure support ticket to increase the quota, or remove existing resources in the same region with the same subscription. In Azure, resources are bound to regions and subscriptions. Subscription does not support the purchase Ask your company’s Azure administrator to enable the purchase on the subscription you selected. Sometimes this may be an Azure IAM access control problem on the subscription, which can be solved by an admin adding your user login account from the Subscription menu.
Note if an error occurs at this stage, some resources (such as the resource group) will have already been created even without the successful creation of FortiGate instances. You can remove the resources and start over or specify different names next time when you run the deployment process.