Skip to main content
Neophron
Neophron
New Member
February 23, 2017
Solved

fortigate 100D 5.4.3 mgmt not able to set IP in same vlan as LAN

  • February 23, 2017
  • 1 reply
  • 7075 views

Hello,

I'v got a fortigate 100D which is unable to assign a IP for management in the same vlan as the LAN.

its a single 100D ( no HA ) which I want to manage from vlan 10, the same subnet as the current management IP on LAN side.

the gui is slow, probably due to production traffic going over the same port.

hence I want to mitigate the management port to where it is supposed to be.

however altho I'v enabled subnet overlap, which solves the issue shown below

 

I still can't get it to work, when I press ok the 100D comes with item not found ;

 

your assist or opinion is very welcome, thanks in advance!

    Best answer by joepope

    This has been broken since 5.4, it worked on version 5.2.  I have multiple HA clusters, with individual IP addresses for management only in the same interface subnet VIP.  It worked but they broke it in 5.4, I opened a support case on 09/02/2016 and they list it as a "bug".  Checking on the status a few weeks ago, they say it "may" be fixed in release 5.6 but not sure.  WHAT?  Why am I paying for support?

     

    But you can set it by CLI, that worked for me.

    1 reply

    Neophron
    NeophronAuthor
    New Member
    February 23, 2017

    I'm sorry I see the pictutes didn't come along in the post.

    on the first picture there is an error notification due to overlap. I'v resolved that in the CLI with

    config system settings

    set allow-subnet-overlap enable

    then when entering the IP that is in the range of the LAN network I get the well known error ; item not found

    joepope
    joepopeAnswer
    New Member
    February 23, 2017

    This has been broken since 5.4, it worked on version 5.2.  I have multiple HA clusters, with individual IP addresses for management only in the same interface subnet VIP.  It worked but they broke it in 5.4, I opened a support case on 09/02/2016 and they list it as a "bug".  Checking on the status a few weeks ago, they say it "may" be fixed in release 5.6 but not sure.  WHAT?  Why am I paying for support?

     

    But you can set it by CLI, that worked for me.

    Neophron
    NeophronAuthor
    New Member
    February 23, 2017

    thanks joepope! I was already wondering if it was just me or a bug, will get into the CLI config of the interface later. cheers!

    Terms & ConditionsAccessibility statement