majed
New Member
October 25, 2017
Question

basic transparent mode config


Fortigate is running in transparent mode. I have 2 groups of addresses, lab1 and lab2, in the same range 192.168.0.0. Physically, every group is connected to a switch, and each switch is connected to a port on the Fortigate.

Can we prevent group 1 from accessing group 2?

    1 reply

    aagrafi
    New Member
    October 25, 2017

    You can do that with forwarding domains. The CLI is

    config system interface
        edit <interface_name>
            set forward-domain <domain_ID>
        next
    end

    Repeat these commands for the appropriate interfaces. You segregate the different groups by placing the corresponding interfaces into different domain_IDs.

     

    You can do this another way: with VDOMs. Create two VDOMs in transparent mode and place the chosen interfaces in the corresponding VDOMs. The inter-VDOM communication is blocked by default.

     

    Personally, I prefer the second option.

     

    Regards
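
An added example, not part of the original reply: a Python check over a FortiOS configuration backup that confirms the ports facing the two groups ended up in different forward domains. The sample config and interface names are constructed, and treating an interface with no `forward-domain` line as domain 0 is an assumption.

```python
import re

# Constructed sample of a FortiOS config backup; interface names are assumptions.
SAMPLE_CONFIG = """\
config system interface
    edit "port1"
        set forward-domain 10
    next
    edit "port2"
        set forward-domain 20
    next
    edit "port3"
        config ipv6
            set ip6-allowaccess ping
        end
    next
end
config firewall policy
    edit 1
    next
end
"""

def forward_domains(config_text):
    """Map each interface in 'config system interface' to its forward-domain ID."""
    domains, depth, current = {}, 0, None
    for line in (raw.strip() for raw in config_text.splitlines()):
        if depth == 0:                      # outside the interface section
            depth = 1 if line == "config system interface" else 0
        elif line.startswith("config "):    # nested block, e.g. "config ipv6"
            depth += 1
        elif line == "end":
            depth -= 1
        elif depth == 1 and (m := re.fullmatch(r'edit "?([^"]+)"?', line)):
            current = m.group(1)
            domains[current] = 0            # assumption: unset means domain 0
        elif depth == 1 and current and (m := re.fullmatch(r"set forward-domain (\d+)", line)):
            domains[current] = int(m.group(1))
    return domains

def shared_domain(config_text, group_a, group_b):
    """Return (iface_a, iface_b, domain) for pairs that sit in the same forward domain."""
    domains = forward_domains(config_text)
    return [(a, b, domains[a]) for a in group_a for b in group_b
            if domains[a] == domains[b]]

if __name__ == "__main__":
    print(forward_domains(SAMPLE_CONFIG))
    print(shared_domain(SAMPLE_CONFIG, ["port1"], ["port2", "port3"]))
```

An empty list from `shared_domain` means no port of the first group shares a forward domain with a port of the second; any returned pair names interfaces that still need to be separated.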