Technical Tip: How to pass non IP traffic through a FortiGate unit in Transparent Mode
Description
This article describes that by default, FortiGate drops all non-IP traffic such as DECNET/IPX which does not fit in standard ethernet type 2 frame format.
Scope
FortiGate.
Solution
To allow such non-IP traffic to pass through FortiGate, it is essential to enable the l2forward setting under the interface configuration. A firewall policy is not needed in this case as enabling this setting allows the frames to be passed from one interface to another.
Enter the following CLI commands to enable l2forward on respective interfaces that need to allow non-IP traffic to pass through.
config system interface
edit <interface name>
set l2forward enable
end