Technical Tip: Unable to turn on the Wildcard VLAN option under Virtual wire pair interface
| Description | This article describes the reason behind Wildcard VLAN being greyed out or the CLI setting wildcard-vlan giving an error when trying to modify it. |
| Scope | FortiOS. |
| Solution | In some cases when tagged VLAN traffic has to flow through a virtual wire pair, Wildcard VLAN option must be enabled to allow tagged VLAN traffic.
If the Wildcard VLAN setting has to be modified, the Wildcard VLAN option can be greyed out and also an error is observed even when trying through CLI preventing the setting to be changed as shown below:
The error found in the CLI indicates that this is due to Firewall Virtual Wire Pair Policy being configured using this interface, which restricts this feature from being enabled.
Once the virtual wire pair policy is deleted, the ability to change the setting should now be available.
After enabling the Wildcard VLAN feature a new virtual wire pair policy can then be created to allow traffic. |
