Bootstrap the VM-Series Firewall on Azure

The VM-Series firewall on Azure supports Azure Files service for bootstrapping.
    • To manage the bootstrap package for the VM-Series firewall on Azure, you must be familiar with storage accounts on Azure and know how to create a file share and directory objects that contain the folder structure required for the bootstrap package. You can share an Azure file share across many virtual machines so that all firewalls deployed in the same region as the storage account that hosts the file share can access the files concurrently.
      The management interface of the VM-Series firewall must be able to access the file share that holds the bootstrap package so that it can complete bootstrapping.
  1. Set up the bootstrap package within an Azure Files service.
    1. On the Azure portal, select or create a storage account.
    2. Create a file share within the Azure Files service.
    3. Create the folders within the storage account.
    • If you are using a file to configure the firewall, continue to Step 3.1
    • If you are using custom data to configure the firewall, continue to Step 3.2.
    1. If you choose to use the bootstrap package, select
      Enable Bootstrap: Yes
      and provide the information required to access the file share that holds the bootstrap files.
      1. Storage Account Name
        — This is the Azure storage account in which you created the file share for the bootstrap folders.
      2. Storage Account Access Key
        —The firewall needs this access key to authenticate to the storage account and access the files stored within. To copy this access key, select the storage account name, and then select
        Access Keys
      3. File-share
        —The file-share name that contains the bootstrap package.
      4. (Optional)
        —The path to a subfolder within the file-share. If you have a common file share that serves as a repository for bootstrap configurations for different set ups, you can use a share-directory to create a folder hierarchy and access a specific set of subfolders within the common file-share.
    2. Enter the configuration parameters as custom data. For the key-value pairs, see Enter a Basic Configuration as User Data (AWS, Azure, or GCP). Separate each key-value pair with a semicolon. For example:
      type=dhcp-client; op-command-modes=jumbo-frame; vm-series-auto-registration-pin-id=abcdefgh1234****; vm-series-auto-registration-pin-value=zyxwvut-0987****
      Provide custom data using one of the methods in Custom data and Cloud-Init on Azure Virtual Machines.

Recommended For You