Fortinet FortiSandbox provsion Azure network interfaces using powershell

The aim of this blog is to quickly deploy 9 network interface cards for the advanced deployment of Fortinet Sandbox instances using powershell. Each instance will require at least interfaces (3 if you are deploying high availability) and each interface will be deployed into its respective subnet with a static ip address.

I have broken the deployment down into 3 parts based on each subnet, namely, management subnet, virtual machine subnet and HA subnet.

##Part 1 - Lets begin by deploy 3 NICS in the Management subnet for our 3 vm instances

$ResourceGroupName = 'allen-vnet'
$Subnet = Get-AzVirtualNetwork -Name "sandbox-vnet" -ResourceGroupName $ResourceGroupName


#####This will deploy the NIC1 for VM1 #########
$IPconfig = New-AzNetworkInterfaceIpConfig `
-Name "FSB-Management-vm1-nic-1-config" `
-PrivateIpAddressVersion IPv4 `
-PrivateIpAddress "50.0.0.5" `
-SubnetId $Subnet.Subnets[0].Id `

New-AzNetworkInterface `
-Name "FSB-Management-vm1-nic-1" `
-ResourceGroupName $ResourceGroupName `
-Location "uaenorth" `
-IpConfiguration $IPconfig

#####This will deploy the NIC1 for VM2 #########
$IPconfig = New-AzNetworkInterfaceIpConfig `
-Name "FSB-Management-vm2-nic-1-config" `
-PrivateIpAddressVersion IPv4 `
-PrivateIpAddress "50.0.0.6" `
-SubnetId $Subnet.Subnets[0].Id `

New-AzNetworkInterface `
-Name "FSB-Management-vm2-nic-1" `
-ResourceGroupName $ResourceGroupName `
-Location "uaenorth" `
-IpConfiguration $IPconfig

#####This will deploy the NIC1 for VM3 #########
$IPconfig = New-AzNetworkInterfaceIpConfig `
-Name "FSB-Management-vm3-nic-1-config" `
-PrivateIpAddressVersion IPv4 `
-PrivateIpAddress "50.0.0.7" `
-SubnetId $Subnet.Subnets[0].Id `

New-AzNetworkInterface `
-Name "FSB-Management-vm3-nic-1" `
-ResourceGroupName $ResourceGroupName `
-Location "uaenorth" `
-IpConfiguration $IPconfig

#--------------------------------------#
##Part 2 - Now lets deploy 3 NICS in the Virtual machine subnet for our 3 vm instances
##Make sure to update the subnet[number]to point to your virtual-machine subnet.id number

$ResourceGroupName = 'allen-vnet'
$Subnet = Get-AzVirtualNetwork -Name "sandbox-vnet" -ResourceGroupName $ResourceGroupName
Get-AzVirtualNetworkSubnetConfig -Name "FSB-vm-subnet" -VirtualNetwork $Subnet


#####This will deploy the NIC2 for VM1 #########
$IPconfig = New-AzNetworkInterfaceIpConfig `
-Name "FSB-virtualmachine-vm1-nic-2-config" `
-PrivateIpAddressVersion IPv4 `
-PrivateIpAddress "50.0.1.5" `
-SubnetId $Subnet.Subnets[1].Id `

New-AzNetworkInterface `
-Name "FSB-virtualmachine-vm1-nic-2" `
-ResourceGroupName $ResourceGroupName `
-Location "uaenorth" `
-IpConfiguration $IPconfig

#####This will deploy the NIC2 for VM2 #########
$IPconfig = New-AzNetworkInterfaceIpConfig `
-Name "FSB-virtualmachine-vm2-nic-2-config" `
-PrivateIpAddressVersion IPv4 `
-PrivateIpAddress "50.0.1.6" `
-SubnetId $Subnet.Subnets[1].Id `

New-AzNetworkInterface `
-Name "FSB-virtualmachine-vm2-nic-2" `
-ResourceGroupName $ResourceGroupName `
-Location "uaenorth" `
-IpConfiguration $IPconfig

#####This will deploy the NIC2 for VM3 #########
$IPconfig = New-AzNetworkInterfaceIpConfig `
-Name "FSB-virtualmachine-vm3-nic-2-config" `
-PrivateIpAddressVersion IPv4 `
-PrivateIpAddress "50.0.1.7" `
-SubnetId $Subnet.Subnets[1].Id `

New-AzNetworkInterface `
-Name "FSB-virtualmachine-vm3-nic-2" `
-ResourceGroupName $ResourceGroupName `
-Location "uaenorth" `
-IpConfiguration $IPconfig

#--------------------------------------#
##Part 3 optional - Now lets deploy 3 NICS in the HA subnet for our 3 vm instances
##Make sure to update the subnet[number]to point to your HA subnet.id number

$ResourceGroupName = 'allen-vnet'
$Subnet = Get-AzVirtualNetwork -Name "sandbox-vnet" -ResourceGroupName $ResourceGroupName
Get-AzVirtualNetworkSubnetConfig -Name "FSB-vm-subnet" -VirtualNetwork $Subnet


#####This will deploy the NIC3 for VM1 #########
$IPconfig = New-AzNetworkInterfaceIpConfig `
-Name "FSB-HA-vm1-nic-3-config" `
-PrivateIpAddressVersion IPv4 `
-PrivateIpAddress "50.0.2.5" `
-SubnetId $Subnet.Subnets[2].Id `

New-AzNetworkInterface `
-Name "FSB-HA-vm1-nic-3" `
-ResourceGroupName $ResourceGroupName `
-Location "uaenorth" `
-IpConfiguration $IPconfig

#####This will deploy the NIC3 for VM2 #########
$IPconfig = New-AzNetworkInterfaceIpConfig `
-Name "FSB-HA-vm2-nic-3-config" `
-PrivateIpAddressVersion IPv4 `
-PrivateIpAddress "50.0.2.6" `
-SubnetId $Subnet.Subnets[2].Id `

New-AzNetworkInterface `
-Name "FSB-HA-vm2-nic-3" `
-ResourceGroupName $ResourceGroupName `
-Location "uaenorth" `
-IpConfiguration $IPconfig

#####This will deploy the NIC3 for VM3 #########
$IPconfig = New-AzNetworkInterfaceIpConfig `
-Name "FSB-HA-vm3-nic-3-config" `
-PrivateIpAddressVersion IPv4 `
-PrivateIpAddress "50.0.2.7" `
-SubnetId $Subnet.Subnets[2].Id `

New-AzNetworkInterface `
-Name "FSB-HA-vm3-nic-3" `
-ResourceGroupName $ResourceGroupName `
-Location "uaenorth" `
-IpConfiguration $IPconfig

#--------------------------------------#

1 comment

  1. I’m not sure where you’re getting your info, but great topic. I needs to spend some time learning more or understanding more. Thanks for fantastic information I was looking for this information for my mission.

    Reply

Leave a comment

Your email address will not be published. Required fields are marked *