Creating a VLAN in two different ports (FortiWEB)

Hi,

Sorry if this is  FAQ, but I couldn't find any information and example.

I have a problem with adding a one VLAN to two different ports.

Consider this scenario:

(check attached file please)

"SW-1" <------->Agg-1 > "WAF" < Agg-2 <-------> "SW-2"

** Both switches are in the access layer. They aggregate SRVs` NICs. WAF is on the edge of DMZ.

I have 2 ports on SW-1 that belong to VLAN 100 and also on SW-2, two ports, one of them belongs to VLAN 100, and the other one belongs to VLAN 200.

configuration:

edit "vlan-100"

    set ip 192.168.100.1/24

    set allowaccess https ping 

    set vlanid 100

    set interface agg-1

    config  secondaryip

    end

edit "vlan-200"

    set ip 192.168.200.1/24

    set allowaccess ping 

    set vlanid 200

    set interface agg-2

    config  secondaryip

    end

Based on Fortiweb administration guide v5.9.0, we can add same VLAN id to a different port. (page 176). I wanted to add VLAN 100 to agg-2. But I couldn`t do that. I realize that the NAME field must be different. but what about IP address?  Fortiweb didn`t accept the same IP address of VLAN 100! Actually didn`t accept any IP addresses on VLAN 100`s range.

What can I do? what IP address should I use? Is this scenario correct?

I will be grateful if anyone can help me.

Best regards,

ALI