AWS Direct Connect config file for Fortinet Firewall

0

Hi,

We're setting up an AWS Direct Connect connection. We deployed the Virtual Interface and attached it to a Virtual Gateway with an attached VPC. The Virtual Interface is already available but the status is down, which is as expected. Our next step is the configuration for the BGP peering of our local machine to the AWS Virtual Interface. We're having issues in the configuration of our local machine, which is a FortiGate firewall, since the only configuration files that AWS can provide are for Cisco, Juniper or Palo Alto. We tried using the Juniper one for the configuration since it has similarities with Fortinet. We followed the steps from the sample configuration file downloaded from the Virtual Interface, but the Virtual Interface status is still down.

Are we missing something? Is the Fortinet firewall not recommended as a router for a Direct Connect Virtual Interface?

Rye
asked a year ago, 1533 views
2 Answers
1

As long as your Fortinet device supports the prerequisites mentioned here it will be supported.

Note that the configuration file provided by AWS is an example only. It is impossible to cover and provide configurations for all the different vendors, hardware and software versions, so this guidance is best effort only.

So you can download a config file to use as a guide, but the commands need to be 'translated' into Fortinet-compatible ones.

General steps:

  • Disable auto-negotiation
  • Configure a (sub)interface for the IP address and 802.1Q trunking, using the same values as when the VIF was created in the AWS console
  • Configure BGP to peer with the AWS router accordingly

Example configs can also be found here.

I suggest reaching out to Fortinet support and AWS support for troubleshooting, as the re:Post platform is for general guidance and not for troubleshooting issues.

AWS
EXPERT
answered a year ago
  • Thank you for this.
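
The three general steps from the answer above, written as FortiOS CLI. This is an added example, not part of the original answer and not a configuration published by AWS or Fortinet. It assumes the Direct Connect cross-connect lands on `port1` in VDOM `root`, and the interface name `dx-vif` is hypothetical. Every value in angle brackets is a placeholder to fill from the VIF details in the AWS console.

```fortios
# Added example. Assumptions: physical port "port1", VDOM "root",
# VLAN interface name "dx-vif" (hypothetical), placeholders in <...>.

config system interface
    edit "port1"
        # Step 1: fixed speed/duplex instead of "auto".
        # The accepted values depend on the FortiGate model and port type.
        set speed 10000full
    next
    edit "dx-vif"
        # Step 2: 802.1Q sub-interface carrying the VIF VLAN and peer IP.
        set vdom "root"
        set interface "port1"
        set vlanid <VIF_VLAN_ID>
        set ip <CUSTOMER_PEER_IP> <NETMASK>
        # Allow ping only, so the point-to-point link can be tested.
        set allowaccess ping
    next
end

config router bgp
    # Step 3: BGP session to the Amazon side of the VIF.
    set as <CUSTOMER_BGP_ASN>
    set router-id <ROUTER_ID>
    config neighbor
        edit "<AMAZON_PEER_IP>"
            set remote-as <AMAZON_BGP_ASN>
            # BGP authentication key shown for the VIF in the AWS console.
            set password <BGP_AUTH_KEY>
        next
    end
end
```

After applying it, `get router info bgp summary` on the FortiGate shows whether the session with the Amazon peer has reached the Established state. A mismatch in VLAN ID, peer addresses, ASN or authentication key keeps the VIF status down.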

0

Yes, I know Fortinet is supported and recommended.

Based on your description you probably need support only for configuring the FortiGate as required by AWS.

answered a year ago
