AWS Direct Connect config file for Fortinet Firewall

0

Hi,

We're setting up an AWS Direct Connect connection. We deployed the Virtual Interface, attached it to a Virtual Gateway with an attached VPC. The Virtual interface is already available but the status is down, which is as expected. Our next step is the configuration for the BGP peering of our local machine to the AWS Virtual Interface. We're having issues in the configuration of our local machine which is Fortigate Firewall since the configuration files that AWS can only provide is for Cisco, Juniper or Palo Alto. We tried using Juniper for the configuration since it has similarities with Fortinet. We followed the steps downloaded from the Virtual Interface sample configuration file but the Virtual Interface status is still down.

Are we missing something? Is the Fortinet Firewall not recommended as router for Direct Connect Virtual Interface?

Rye
질문됨 일 년 전1559회 조회
2개 답변
1

As long as your Fortinet device supports the prerequisites mentioned here it will be supported.

Note that the configuration file provided by AWS is example only it is impossible to cover and provide configurations for all the different vendors, different hardware and software versions so this guidance is best effort only.

So you can download a config file to use as a guide, but commands need to be 'translated' into Fortinet compatible ones.

General steps:

  • Disable auto-negotiation
  • Configure (sub)interface for IP address and 802.1Q trunking, using corresponding values as when VIF in the AWS console was created
  • Configure BGP to peer with AWS router accordingly

Example configs can also be found here.

I suggest reaching Fortinet support and AWS support for troubleshooting, as re:Post platform is for general guidance and not troubleshooting issues.

profile pictureAWS
전문가
답변함 일 년 전
  • Thank you for this.

0

Yes, i know Fortinet is supported and recommended

Based on your description you probable need support only for config FortiGate as required by AWS.

답변함 일 년 전

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인