This recipe is part of the process of deploying FortiGate for AWS. See below for the rest of the recipes in this process:
- Determine your licensing model
- Register and download your licenses
- Create a VPC and subnets
- Attach the new VPC to the Internet gateway
- Subscribe to the FortiGate
- Create a routing table and associate subnets
- Connect to the FortiGate
- [Use case] Set up a Windows Server in the protected network
- [Connectivity test] Configure FortiGate firewall policies and virtual IPs
Configure the routing tables. Since the FortiGate has two interfaces, one for the public subnet and one for the private subnet, you must configure two routing tables.
- To configure the routing table for the public subnet, select VPC in the Networking & Content Delivery section of the AWS Management Console. In the VPC Dashboard, select Your VPCs, and select the VPC you created. In the Summary tab in the lower pane, select the route table ID located in the Route table field. To easily identify the route table, set a name for it in the Name field.
- In the Routes tab, select Edit, then select Add another route. In the Destination field, type 0.0.0.0/0. In the Target field, type ig and select the Internet Gateway from the auto-complete suggestions. Select Save. The default route on the public interface in this VPC is now the Internet Gateway.
- In the Subnet Associations tab, select Edit, and select the public subnet to associate it with this routing table. Select Save.
- To configure the routing table for the private subnet, select Create Route Table. To easily identify the route table, set a name for it in the Name field. Select the VPC you created. Select Yes, Create.
- In the Routes tab, select Edit, then select Add another route. In the Destination field, type 0.0.0.0/0. In the Target field, enter the interface ID of the private network interface. To find the interface ID, go to the EC2 Management Console, select Instances, and select the interface in the Network interfaces section in the lower pane of the page (Interface ID field). Select Save. The default route on the private subnet in this VPC is now the private network interface of the FortiGate.
- In the Subnet Associations tab, select Edit, and select the private subnet to associate it with this routing table. Select Save. Two routing tables, one for the public segment and one for the private segment, have now been created with default routes.
- In the EC2 Management Console, select Instances, and select the network interface that you created for the private subnet (in this example, eth1) in the Network interfaces section in the lower pane. Select the interface ID.
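- Select the network interface, select the Actions drop-down menu, and select Change Source/Dest. Check. Select Disabled. Select Save. Disabling this check lets the interface forward traffic whose source or destination is not the interface itself, which the FortiGate needs in order to route traffic for the private subnet.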
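To confirm the result of the steps above, the following added example (not part of the Fortinet recipe) audits JSON in the shape returned by `aws ec2 describe-route-tables` and `aws ec2 describe-network-interfaces`. All IDs are constructed sample values, and the sample deliberately leaves the source/dest check enabled so the audit reports it.

```python
import json

# Constructed sample in the shape of `aws ec2 describe-route-tables` output.
ROUTE_TABLES = json.loads("""{"RouteTables": [
 {"RouteTableId": "rtb-public-example",
  "Associations": [{"SubnetId": "subnet-public-example", "Main": false}],
  "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example", "State": "active"}]},
 {"RouteTableId": "rtb-private-example",
  "Associations": [{"SubnetId": "subnet-private-example", "Main": false}],
  "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NetworkInterfaceId": "eni-private-example", "State": "active"}]}
]}""")
# Constructed sample in the shape of `aws ec2 describe-network-interfaces` output.
NETWORK_INTERFACES = json.loads('{"NetworkInterfaces": [{"NetworkInterfaceId": "eni-private-example", "SourceDestCheck": true}]}')

def default_route(route_tables, subnet_id):
    """Return the active 0.0.0.0/0 route of the table explicitly associated with subnet_id.
    A route whose target is gone shows State "blackhole" and is treated as missing."""
    for table in route_tables["RouteTables"]:
        if any(a.get("SubnetId") == subnet_id for a in table.get("Associations", [])):
            for route in table.get("Routes", []):
                if route.get("DestinationCidrBlock") == "0.0.0.0/0" and route.get("State") == "active":
                    return route
    return None

def audit(route_tables, interfaces, public_subnet, private_subnet):
    """Return a list of findings; an empty list means the layout matches the recipe."""
    findings = []
    pub = default_route(route_tables, public_subnet)
    if pub is None or not pub.get("GatewayId", "").startswith("igw-"):
        findings.append("public subnet: default route is not an Internet Gateway")
    priv = default_route(route_tables, private_subnet)
    if priv is None or "NetworkInterfaceId" not in priv:
        findings.append("private subnet: default route is not a network interface")
        return findings
    eni = priv["NetworkInterfaceId"]
    checks = {i["NetworkInterfaceId"]: i["SourceDestCheck"] for i in interfaces["NetworkInterfaces"]}
    if checks.get(eni, True):  # an interface missing from the data is reported, not assumed safe
        findings.append(f"{eni}: source/dest check is still enabled")
    return findings

if __name__ == "__main__":
    for finding in audit(ROUTE_TABLES, NETWORK_INTERFACES, "subnet-public-example", "subnet-private-example"):
        print(finding)
```

A private subnet whose default route points at the Internet Gateway, or at nothing, is the case to look for: its traffic would not pass through the FortiGate.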
The post Create a routing table and associate subnets appeared first on Fortinet Cookbook.