fortinet/azure-templates

Deploying template : networkInterface xxxxx was not found

hansgoes-it opened this issue · 5 comments

Receiving errors when deploying this template.
Error details say that the networkInterfaces was not found. Please make sure that the referenced resource exists
Not sure why I get this error since I would expect the template to roll it out.
{"code":"DeploymentFailed","message":"At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.","details":[{"code":"InvalidResourceReference","message":"Resource /subscriptions/81bfabXX53fd6b/resourceGroups/rg_twin_fortigate/providers/Microsoft.Network/virtualNetworks/vn_twin_01/subnets/ManagementSubnet referenced by resource /subscriptions/81bXfd6b/resourceGroups/rg_twin_fortigate/providers/Microsoft.Network/networkInterfaces/twinpfw--FGT-B-Nic4 was not found. Please make sure that the referenced resource exists, and that both resources are in the same region."},

etc etc

Rolling out the custom deployment by using
Fortigate Name Prefix: twinpfw-

Hi Hans,

Which template did you try to deploy? We have several. What are the variables that you used for the deployment? I think for the Management Subnet, which this error is about, you have selected existing and entered a non-existing network interface or an interface that is not in the correct region. On deployment you only need to fill in the 4 parameters that are required (prefix, location, username and password) for most templates. If more is adapted this might cause deployment issues. It would as such be good to know what you entered. You should be able to go back to the deployment in Azure and retrieve these parameters.

More information can be found here:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/deployment-history?tabs=azure-portal

Hi,

I am using the Azure Portal deployment of this template : https://github.com/fortinet/azure-templates/tree/main/FortiGate/Active-Passive-ELB-ILB

Besides the 4 parameters which are required, I want to install both the FortiGates and the load balancers in an existing vnet and in an existing resource group.
So I filled in the Public IP Resource group fields and also picked the existing vnet and entered those corresponding details.
I modified the proposed IP-addresses.
(10.0.11.0/24, 10.0.12.0/24 etc., part of vnet 10.0.0.0/16)

It results again in a deployment failure; the deployment fails on the NICs of FGT-A and FGT-B and also on the internal load balancer.

In the existing resource-group I only have the existing vnet in place.

Errors :
{
"code": "DeploymentFailed",
"message": "At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.",
"details": [
{
"code": "InvalidResourceReference",
"message": "Resource /subscriptions/81XXX6b/resourceGroups/rg_twin_fortigate/providers/Microsoft.Network/virtualNetworks/vn_twin_01/subnets/ExternalSubnet referenced by resource /subscriptions/81XXXb/resourceGroups/rg_twin_fortigate/providers/Microsoft.Network/networkInterfaces/twinpfw-FGT-A-Nic1 was not found. Please make sure that the referenced resource exists, and that both resources are in the same region."
},
{
"code": "InvalidResourceReference",
"message": "Resource /subscriptions/81XXb/resourceGroups/rg_twin_fortigate/providers/Microsoft.Network/virtualNetworks/vn_twin_01/subnets/ExternalSubnet referenced by resource /subscriptions/81XXb/resourceGroups/rg_twin_fortigate/providers/Microsoft.Network/networkInterfaces/twinpfw-FGT-B-Nic1 was not found. Please make sure that the referenced resource exists, and that both resources are in the same region."
},
{
"code": "InvalidResourceReference",
"message": "Resource /subscriptions/81bXX6b/resourceGroups/rg_twin_fortigate/providers/Microsoft.Network/virtualNetworks/vn_twin_01/subnets/InternalSubnet referenced by resource /subscriptions/81bXX6b/resourceGroups/rg_twin_fortigate/providers/Microsoft.Network/loadBalancers/twinpfw-InternalLoadBalancer was not found. Please make sure that the referenced resource exists, and that both resources are in the same region."
},
{
"code": "InvalidResourceReference",
"message": "Resource /subscriptions/81XX6b/resourceGroups/rg_twin_fortigate/providers/Microsoft.Network/virtualNetworks/vn_twin_01/subnets/HASyncSubnet referenced by resource /subscriptions/81XXb/resourceGroups/rg_twin_fortigate/providers/Microsoft.Network/networkInterfaces/twinpfw-FGT-B-Nic3 was not found. Please make sure that the referenced resource exists, and that both resources are in the same region."
},
{
"code": "InvalidResourceReference",
"message": "Resource /subscriptions/8XXX6b/resourceGroups/rg_twin_fortigate/providers/Microsoft.Network/virtualNetworks/vn_twin_01/subnets/HASyncSubnet referenced by resource /subscriptions/81XXXb/resourceGroups/rg_twin_fortigate/providers/Microsoft.Network/networkInterfaces/twinpfw-FGT-A-Nic3 was not found. Please make sure that the referenced resource exists, and that both resources are in the same region."
},
{
"code": "InvalidResourceReference",
"message": "Resource /subscriptions/81XXXb/resourceGroups/rg_twin_fortigate/providers/Microsoft.Network/virtualNetworks/vn_twin_01/subnets/HASyncSubnet referenced by resource /subscriptions/81XXX6b/resourceGroups/rg_twin_fortigate/providers/Microsoft.Network/networkInterfaces/twinpfw-FGT-A-Nic3 was not found. Please make sure that the referenced resource exists, and that both resources are in the same region."
},
{
"code": "InvalidResourceReference",
"message": "Resource /subscriptions/81XXXb/resourceGroups/rg_twin_fortigate/providers/Microsoft.Network/virtualNetworks/vn_twin_01/subnets/ManagementSubnet referenced by resource /subscriptions/81XXXb/resourceGroups/rg_twin_fortigate/providers/Microsoft.Network/networkInterfaces/twinpfw-FGT-B-Nic4 was not found. Please make sure that the referenced resource exists, and that both resources are in the same region."
}
]
}

Hi,

If you have an RG with a VNet, you would need to define the vnetName, vnetResourceGroup, subnet[1-5]Name, subnet[1-5]Prefix. You don't need to define the public IP resource group unless you have created that beforehand.

Below is an example. In Azure CLI I've created the below VNET and subnets. Then you can use the below parameters file for deployment of this template. It is required to have the subnets configured beforehand if you want to use an existing VNET. Also, currently the private IPs used for the different subnets are static. It is anyway recommended to have empty subnets for the subnets connected to the FortiGate.

You could also use the Azure Portal Wizard you can find on this staging repo:
https://github.com/40net-cloud/fortinet-azure-solutions/tree/main/FortiGate/Active-Passive-ELB-ILB

Hope this helps you further in your deployment.

Joeri

$rg = "JVH87-RG"
$location = "westeurope"
$vnet = "JVH87-VNET"
# Create the VNet and its five subnets in the resource group that vnetResourceGroup points to
az network vnet create --name "$vnet" --resource-group "$rg" --location "$location" --address-prefixes 172.16.140.0/22
az network vnet subnet create --resource-group "$rg" --vnet-name "$vnet" --name "ExternalSubnet" --address-prefixes 172.16.140.0/26
az network vnet subnet create --resource-group "$rg" --vnet-name "$vnet" --name "InternalSubnet" --address-prefixes 172.16.140.64/26
az network vnet subnet create --resource-group "$rg" --vnet-name "$vnet" --name "HASyncSubnet" --address-prefixes 172.16.140.128/26
az network vnet subnet create --resource-group "$rg" --vnet-name "$vnet" --name "ManagementSubnet" --address-prefixes 172.16.140.192/26
az network vnet subnet create --resource-group "$rg" --vnet-name "$vnet" --name "ProtectedSubnet" --address-prefixes 172.16.141.0/24

Parameters:
{
  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "adminUsername": {
      "value": "azureuser"
    },
    "adminPassword": {
      "value": "xxx"
    },
    "fortiGateNamePrefix": {
      "value": "JVH87"
    },
    "fortiGateImageSKU": {
      "value": "fortinet_fg-vm"
    },
    "fortiGateImageVersion": {
      "value": "latest"
    },
    "instanceType": {
      "value": "Standard_F4s"
    },
    "acceleratedNetworking": {
      "value": "true"
    },
    "publicIPNewOrExisting": {
      "value": "new"
    },
    "publicIP2NewOrExisting": {
      "value": "new"
    },
    "publicIP3NewOrExisting": {
      "value": "new"
    },
    "publicIPName": {
      "value": "FGTAPClusterPublicIP"
    },
    "publicIPResourceGroup": {
      "value": null
    },
    "publicIP2Name": {
      "value": "FGTAMgmtPublicIP"
    },
    "publicIP2ResourceGroup": {
      "value": null
    },
    "publicIP3Name": {
      "value": "FGTBMgmtPublicIP"
    },
    "publicIP3ResourceGroup": {
      "value": null
    },
    "publicIPAddressType": {
      "value": "Static"
    },
    "vnetNewOrExisting": {
      "value": "existing"
    },
    "vnetName": {
      "value": "JVH87-VNET"
    },
    "vnetResourceGroup": {
      "value": "JVH87-RG"
    },
    "vnetAddressPrefix": {
      "value": "172.16.140.0/22"
    },
    "subnet1Name": {
      "value": "ExternalSubnet"
    },
    "subnet1Prefix": {
      "value": "172.16.140.0/26"
    },
    "subnet2Name": {
      "value": "InternalSubnet"
    },
    "subnet2Prefix": {
      "value": "172.16.140.64/26"
    },
    "subnet3Name": {
      "value": "HASyncSubnet"
    },
    "subnet3Prefix": {
      "value": "172.16.140.128/26"
    },
    "subnet4Name": {
      "value": "ManagementSubnet"
    },
    "subnet4Prefix": {
      "value": "172.16.140.192/26"
    },
    "subnet5Name": {
      "value": "ProtectedSubnet"
    },
    "subnet5Prefix": {
      "value": "172.16.141.0/24"
    },
    "fortiManager": {
      "value": "no"
    },
    "fortiManagerIP": {
      "value": null
    },
    "fortiManagerSerial": {
      "value": null
    },
    "location": {
      "value": "[resourceGroup().location]"
    },
    "fortinetTags": {
      "value": {
        "publisher": "Fortinet",
        "template": "Active-Passive-ELB-ILB",
        "provider": "6EB3B02F-50E5-4A3E-8CB8-2E12925831AP"
      }
    }
  }
}

I managed to fix it:

  • Create subnets under existing VNET before deploying new template.

thanks for the support
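
A pre-flight check for the fix reached in this thread, as an added example that is not part of the issue or of the fortinet/azure-templates project: it compares the subnet[1-5]Name and subnet[1-5]Prefix values of a parameters file against the JSON that `az network vnet show` returns for the existing VNet, and reports missing, mismatched or non-empty subnets before deployment. The function name, the sample values and the reliance on the `addressPrefix` and `ipConfigurations` fields of each subnet object are assumptions of this example.

```python
import ipaddress

def preflight(parameters, vnet):
    """List the problems that would break an 'existing VNet' deployment.

    parameters: parsed ARM parameters file; vnet: parsed `az network vnet show` JSON.
    """
    p = {k: v.get("value") for k, v in parameters["parameters"].items()}
    if p.get("vnetNewOrExisting") != "existing":
        return []  # the template creates the VNet and subnets itself
    problems = []
    if vnet["name"] != p["vnetName"]:
        problems.append(f"vnetName is {p['vnetName']}, VNet is {vnet['name']}")
    spaces = [ipaddress.ip_network(a) for a in vnet["addressSpace"]["addressPrefixes"]]
    by_name = {s["name"]: s for s in vnet.get("subnets", [])}
    for i in range(1, 6):  # subnet1..subnet5, as in the parameters file above
        name, prefix = p[f"subnet{i}Name"], p[f"subnet{i}Prefix"]
        want = ipaddress.ip_network(prefix)
        if not any(want.subnet_of(s) for s in spaces):
            problems.append(f"{name}: {prefix} is outside the VNet address space")
        found = by_name.get(name)
        if found is None:
            problems.append(f"{name}: subnet does not exist in {vnet['name']}")
            continue
        if ipaddress.ip_network(found["addressPrefix"]) != want:
            problems.append(f"{name}: parameters say {prefix}, VNet has {found['addressPrefix']}")
        if found.get("ipConfigurations"):  # assumption: field lists attached NICs
            problems.append(f"{name}: subnet is not empty")
    return problems

# Constructed sample inputs (not from a real deployment).
NAMES = ["ExternalSubnet", "InternalSubnet", "HASyncSubnet", "ManagementSubnet", "ProtectedSubnet"]
SAMPLE_PARAMS = {"parameters": {"vnetNewOrExisting": {"value": "existing"},
                                "vnetName": {"value": "example-vnet"}}}
for i, n in enumerate(NAMES, 1):
    SAMPLE_PARAMS["parameters"][f"subnet{i}Name"] = {"value": n}
    SAMPLE_PARAMS["parameters"][f"subnet{i}Prefix"] = {"value": f"10.0.{10 + i}.0/24"}
SAMPLE_VNET = {
    "name": "example-vnet",
    "addressSpace": {"addressPrefixes": ["10.0.0.0/16"]},
    "subnets": [
        {"name": "ExternalSubnet", "addressPrefix": "10.0.11.0/24"},
        {"name": "InternalSubnet", "addressPrefix": "10.0.22.0/24"},  # prefix differs
        {"name": "ManagementSubnet", "addressPrefix": "10.0.14.0/24",
         "ipConfigurations": [{"id": "constructed-nic-ipconfig"}]},   # already in use
    ],
}

if __name__ == "__main__":
    for line in preflight(SAMPLE_PARAMS, SAMPLE_VNET):
        print(line)
```

An empty list means every subnet the template will reference already exists with the prefix given in the parameters file.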