This report details the deployment, configuration, and validation of the FortiGate Virtual Appliance (FGTVM64) on a KVM (Kernel-based Virtual Machine) hypervisor. The specific software image analyzed is FortiGate-VM64-KVM version 7.2.1, build 1254 (GA).
The purpose of this document is to summarize the work involved in provisioning this specific version, validate its performance on the KVM platform, and outline any specific configuration nuances required for the qcow2 image format.
Upon first boot, the FortiGate VM will:
Solution: FortiGate for KVM expects virtio-net-pci. Edit the VM XML:
virsh edit fortigate-721
Find <interface type='network'> and ensure <model type='virtio'/>. fgtvm64kvmv721fbuild1254fortinetoutkvmqcow2 work
sudo virt-install \
--name fortigate-vm \
--ram 4096 \
--vcpus 2 \
--disk path=/path/to/FGT_VM64_KVM-v7.2.1-F-build1254.qcow2,format=qcow2 \
--import \
--os-variant generic \
--network network=default,model=virtio \
--graphics vnc \
--noautoconsole
The --import flag tells KVM to boot directly from the existing qcow2 image.
The string suggests the filename might be something like: The --import flag tells KVM to boot directly
fgtvm64-kvm-v721-fbuild1254-fortinet-out-kvm.qcow2
If you have received this file through official Fortinet support or a lab environment, place it in /var/lib/libvirt/images/ and verify its integrity:
ls -lh fgtvm64kvmv721fbuild1254fortinetoutkvmqcow2
qemu-img info fgtvm64kvmv721fbuild1254fortinetoutkvmqcow2
Expected output should show: