srappaport
New Member
March 3, 2011
Question

FGT200B - bridging interfaces

  • March 3, 2011
  • 6 replies
  • 6226 views
This is the first time working with a FortiGate 200B-POE. Is it possible to bridge the "switch" interface (the 8 PoE ports) with one of the ASIC accelerated interfaces? I would like to use the PoE ports for wireless access points only but keep them on the same subnet as the wired LAN and I would like the wired LAN to be connected to one of the ASIC accelerated ports. Thanks.


    Fullmoon
    New Member
    March 3, 2011
    Hi. Notes from the FortiOS Handbook in regards to Transparent mode (TP): In Transparent mode, the FortiGate unit is invisible to the network. All of its interfaces are on the same subnet and share the same IP address. You only have to configure a management IP address so that you can make configuration changes. You would typically use the FortiGate unit in Transparent mode on a private network behind an existing firewall or behind a router. In Transparent mode, the FortiGate unit also functions as a firewall. Firewall policies control communications through the FortiGate unit to the Internet and internal network. No traffic can pass through the FortiGate unit until you add firewall policies.
    srappaport
    New Member
    March 3, 2011
    Thanks, Fullmoon, however I still need to use this as a router as one of the interfaces will be a WAN connection as well, so I don't think Transparent mode will work in this case. I appreciate the input though.
    ede_pfau
    SuperUser
    March 3, 2011
    Hi, this has been dealt with a couple of times already. There is a "Search" function for the forums. Look at this thread from January 2011: http://support.fortinet.com/forum/tm.asp?m=69096
    srappaport
    New Member
    March 3, 2011
    I'm aware of the search function, used it, but only came up with FWF-60 references (perhaps my search terms were not great). I was not sure if the wlan interface is handled the same as the switch interface on the 200B and the only reference to a 200B question was left unanswered. Thanks for the reply. I'm still debating whether I truly need to keep the wireless on the same subnet or not.
    ede_pfau
    SuperUser
    March 3, 2011
    As far as I've understood this issue in the past, the main reason to incorporate WLAN into the LAN broadcast domain is when the same DHCP server (range) should be used. WLAN clients broadcast for DHCP and this is not relayed by default if the WLAN port and the LAN port are not in the same layer 2. As I don't work with WLANs right now I can't put in any experience of my own here. But I know that there are interface settings allowing for 'forward layer 2 protocols' and 'forward broadcasts'. So maybe you can get the WLAN to work even if on a separate interface.
    srappaport
    New Member
    March 3, 2011
    Thanks Ede. I appreciate the info.