The next VNF we will create within our lab is the Fortinet FortiGate-VM. It is a virtual firewall designed by Fortinet for use within virtual environments.
Obtaining an Image
After creating a profile on the Fortinet website, the FortiGate-VM can be downloaded from https://support.fortinet.com/Download/VMImages.aspx – Download the “New deployment” version for the KVM platform.
Once downloaded, extract the zip file to a convenient location.
Converting the Image
Now that we have downloaded a QCOW image, we need to convert it into a VirtualBox format to create our VNF. For the following steps, we need to open up a Linux Terminal and navigate to the location of our QCOW image. For me, it at the following location:
C:\Users\nfvdev\Documents\NFVs\fortios.qcow2In Linux, start by navigating to the folder of the QCOW image:
nfvdev@ubuntu:~$ cd /mnt/c/Users/nfvdev/Documents/NFVs/
nfvdev@ubuntu:/mnt/c/Users/nfvdev/Documents/NFVs$To convert the image, we will need install an application called “qemu-utils” (if not already installed):
nfvdev@ubuntu:/mnt/c/Users/nfvdev/Documents/NFVs$ sudo apt-get update
[sudo] password for nfvdev:
Hit:1 http://archive.ubuntu.com/ubuntu focal InRelease
Get:2 http://archive.ubuntu.com/ubuntu focal-updates InRelease [114 kB]
...
Get:29 http://security.ubuntu.com/ubuntu focal-security/multiverse amd64 c-n-f Metadata [536 B]
Fetched 7074 kB in 1s (4888 kB/s)
Reading package lists... Done
nfvdev@ubuntu:/mnt/c/Users/nfvdev/Documents/NFVs$ sudo apt-get install qemu-utils
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
ibverbs-providers libboost-iostreams1.71.0 libboost-thread1.71.0 libibverbs1 libiscsi7 libnl-3-200
libnl-route-3-200 librados2 librbd1 librdmacm1 qemu-block-extra sharutils
Suggested packages:
debootstrap sharutils-doc bsd-mailx | mailx
The following NEW packages will be installed:
ibverbs-providers libboost-iostreams1.71.0 libboost-thread1.71.0 libibverbs1 libiscsi7 libnl-3-200
libnl-route-3-200 librados2 librbd1 librdmacm1 qemu-block-extra qemu-utils sharutils
0 upgraded, 13 newly installed, 0 to remove and 26 not upgraded.
Need to get 7118 kB of archives.
After this operation, 33.6 MB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://archive.ubuntu.com/ubuntu focal/main amd64 libnl-3-200 amd64 3.4.0-1 [53.9 kB]
...
Setting up qemu-utils (1:4.2-3ubuntu6.19) ...
Processing triggers for libc-bin (2.31-0ubuntu9.2) ...
/sbin/ldconfig.real: /usr/lib/wsl/lib/libcuda.so.1 is not a symbolic link
Processing triggers for man-db (2.9.1-1) ...
Processing triggers for install-info (6.7.0.dfsg.2-5) ...Now that it is installed, we can convert the file with the following command:
nfvdev@ubuntu:/mnt/c/Users/nfvdev/Documents/NFVs$ qemu-img convert -f qcow2 fortios.qcow2 -O vdi fortios.vdiYou should now see two files in the folder. Feel free to remove the .qcow2 image now (we can always extract it from the zip or redownload it again).
nfvdev@ubuntu:/mnt/c/Users/nfvdev/Documents/NFVs$ ls -lh
total 157M
-rwxrwxrwx 1 nfvdev nfvdev 72M Feb 8 23:23 fortios.qcow2
-rwxrwxrwx 1 nfvdev nfvdev 86M Feb 13 10:39 fortios.vdi
nfvdev@ubuntu:/mnt/c/Users/nfvdev/Documents/NFVs$ rm fortios.qcow2Creating the VNF
Open up VirtualBox, click the “New” button and give it a name. I will be using “fortigate-7.0.5”. Give it a type of “Linux” and a version of “Other (64-bit)”.
On to RAM. I could not get the VM to boot with less than 1GB of RAM, so we will go with that:
Select “Use an existing virtual hard disk file” for the hard disk, then click the browse button next to it. From here, click “Add” and then browse to your vdi file and confirm it.
After clicking “Create,” you should be back at the main VirtualBox screen. Before booting the Virtual Machine (VM), there are some settings we need to tweak. Make sure the VM is selected, click “Settings”, and go to the “Network” tab.
For “Adapter 1”, make sure the “Attached to:” to be “Host-only Adapter” – this will be our Management interface.
I also like to change the “Adapter Type” (which is under Advanced) to “Paravirtualized Network (virtio-net)”.
Now it’s time to start the Virtual Machine. Click “Start”, and it should boot up until you see the login prompt. You can login with “admin” and an empty password.
You now have a fully working Fortinet ForiGate-VM running in VirtualBox!
