Fortinet's documentation leaves much to the imagination, which is less than ideal for technical documentation. This is especially true for their Hyper-V deployment instructions which leave out multiple steps, and left me frustrated trying to piece together instructions from the Hyper-V deployment guide, the VMWare deployment guide, and the hardware initial configuration instructions. Hopefully this is more helpful for someone else.
While the instructions in the pdf are less terrible than the online documentation, much of the Hyper-V side configuration elements seem like an afterthought for the system configuration, and the system configuration seems to be an afterthought for the typesetting.
After downloading the appliance, extract the FortiOS.vhd file to your preferred VHD location on your Hyper-V server. The VM will need an additional VHD as well, Fortinet supplies a data vhd, but there's nothing special about it, so go ahead and create a vhdx for the FortiGate's data drive.
In a simple setup such as in my home network where I'm installing this, the VM will also only need two different vNICs, not the four mentioned in the setup instructions. One for your LAN, one for your WAN.
After downloading and copying the FortiGatet OS vhd to V:\VMs\FW00\Virtual Hard Disks\ I used the following PowerShell to get the VM configured on our 2019 Hyper-V cluster:
$VMProperties = @{
Name = "fw00"
Path = "V:\VMs\"
VHDPath = "V:\Vms\fw00\Virtual Hard Disks\fw00.vhd"
MemoryStartupBytes = 2GB
BootDevice = "IDE"
Generation = 1
SwitchName = "LAN"
}
New-VM @VMProperties
Add-VMHardDiskDrive -VMName $VMProperties.Name -Path (New-VHD 'V:\VMs\fw00\Virtual Hard Disks\fw00_data.vhdx' -SizeBytes 60GB).path
Add-VMNetworkAdapter -VMName $VMProperties.Name -SwitchName "WAN"
Set-VM $VMProperties.Name -ProcessorCount 2
Start-VM $VMProperties.NameAfter you've booted your VM for the first time, it should take care of the VM's data drive setup and you should be able to login with admin and no password. The instructions for the initial NIC hand you off to the GUI after giving the NIC an IP address and default gateway and state:
You connect to the FortiGate-VM GUI via a web browser by entering the IP address assigned to the port 1 interface (see Configuring port 1 on page 20) in the browser location field. You must enable HTTP and/or HTTPS access and administrative access on the interface to ensure that you can connect to the GUI. If you only enabled HTTPS access, enter "https://" before the IP address.
Nowhere in the entire pdf does it mention how to provide this access, additionally https access doesn't work until you've provided the FortiGate a cert, so you can't actually use HTTPS until more undocumented work is performed. The documented steps for setting up default routing, and DNS in the document are correct . Since I know I'm going to want to use https later, and ssh I enable them here, though it's not required until after we've setup our certs and keys.
The full commands for initial setup, and ensuring GUI access are:
config system interface
edit port1
set mode static
set ip <CIDR IP>
set allowaccess ping http https ssh
next
end
config router static
edit port1
set device port1
set gateway <IPv4 address>
next
end
config system dns
set primary <IPv4 address>
set secondary <IPv4 address>
endAfter that, the instructions for setting things up were well rounded enough that I could fumble through the rest of the installation, ignoring the text of error messages that have nothing to do with anything, and acting like an engineer, not a printer.