Post

Running a FortiGate in VMWare

Posted Updated
By
5 min read
Running a FortiGate in VMWare

It has been some considerable time since I last put up a blog post, I just wanted to go in a different direction for a while, it happens.

The direction has been confusing and has me wondering what my next steps will be…

I love security don’t get me wrong, it’s the most fun you can have on a computer when you are a nerd and a gamer, but I feel a pull in another direction and as such I want to put up some helpful posts every now and again for people that might want to play with something new.

Recently I undertook some free training from Fortinet… you know that company that constantly has exploits and news cycles, that one.

I felt a little bad about it but as time has gone on I can kinda see where the problem might be and as such my ‘I can help’ voice took over for a bit…

1

See.. crazy I know.

So in the last week I’ve broadened my horizons and learned about AI and Agentic Systems as well as an ‘ass load’ of Fortinet Cybersecurity content.

From the latter I wanted to share setting up a Fortigate locally on your machine (Via VMware) so you too can have a play and a poke with it, some features are unavailable however you can set things up and run some stuff through it to see what kinds of fun things you can log and track.

Prerequisites

To install a Fortigate Firewall on VMware Workstation you will first need to register for an Fortinet Support Account so you access the downloads section - https://support.fortinet.com/Download/VMImages.aspx.

Once logged in click on Download > VM Images, Select Product: FortiGate and Select Platform: VMware ESXi and download the Latest Version (7.6.4).

Be sure to click Download under the ‘New deployment of FortiFirewall for VMware FFW_VM64-v7.6.4.F-build3596-FORTINET.out.ovf.zip (111.94 MB)’ if this is a new installation or VM, if you already have it installed you can grab the one titled ‘Upgrade from previous version of FortiFirewall for VMWare FFW_VM64-v7.6.4.F-build3596-FORTINET.out (112.43 MB)’:

2

Once downloaded you can extract out the files by right clicking and ‘Extract All’ and let it dump out to your download folder:

3

Installation

Now you have done that open VMWare Workstation and select ‘Open a Virtual Machine’:

4

Select your ‘main’ file:

5

And you’llm need to accept the EULA:

6

After hitting Next you will get the option to give the VM a name and where it will be stored (I keep everything in a ‘Virtual Machines’ local folder):

7

Now some guides will have you change the initial ‘Network Adapter’ to NAT, run the VM, log into it and then reset it and do it all over again on round2 because of how the VM licence works.

I tried this and completely shafted the install so instead go to the Edit Virtual Machine Settings and under Options, make sure VMware Tools Time Sync, is set to sync with host:

14

And save it, then boot it up!

It will run its initial auto config, repartition the disk drive etc etc and eventually spit you out at the login screen.

The username is admin, the password is blank… super secure… though when you do log in it asks you to set up a new admin password ;)

8

Configuration

Once logged in you can start to do some initial setup, to get this working the following is what I entered:

1

get system status  #Displays a ton of information about the current state of the device

9

1

show system interface  #Displays the interfaces (ports and access) of the device

10

We need to configure the port and then the default gateway so we can access the device so run the following:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23

config system interface

edit port1

set mode static 

set ip (your desired IP in my case it was 192.168.4.200) 255.255.255.0

set allowaccess https http ping ssh

end

config router static

edit 1

set device port1

set gateway (your desired IP in my case it was 192.168.4.199 as 200 was taken)

next

end

That will configure the port and gateway so we can log into the router via the web.

The next thing I had an issue with was getting the licence, kept throwing up DNS errors so while we are here, lets configure the DNS:

1
2
3
4
5
6
7

config system dns

set primary 8.8.8.8

set secondary 8.8.4.4

end

Now to be safe you can reboot the device from the VMware menu up top:

11

Once rebooted we can try to log in via the web interface with the admin username and password you have created:

12

Now when you log in you are presented with a setup screen which may also warn that you need a valid licence to use the software, not to worry you can get a free perpetual licence for use from fortigate:

13

Once ‘activated’ you should be brought to the ‘main menu’, the Dashboard of the Fortigate, if not it may take you through a quick little setup side mission but you can skip that part for now.

Success

Behold! Your Dashboard:

15

And that it! Following on from this you can follow along with your training to play around with most parts and sections, again some locked off as its only a perm evaluation licence, but still enough to play around to try new things.

Good luck.

Peace

🤙

I don’t have any sponsors or anything but if you enjoy my work, or feel sympathy for my wife, then I have set up a Ko-Fi account as well as a BuyMeACoffee people can donate to.

Blog
blog VMWare Fortigate
This post is licensed under CC BY 4.0 by the author.