Fortigate 100e - need help with talking to subnets

Forum|Forum|6 years ago
September 11, 2019
1 reply
3652 views

Hi,

I have a Fortigate 100e configured with 2 ports.

[ul]

My internet comes in on the WAN port and all my switches are daisy chained to port 1 on the fortigate giving out an IP address of 10.0.0.0/24.

My WiFi AP's are all connected to a separate switch that connects to port 2 on the fortigate 100e that gives out an address of 10.99.99.x to each AP from my DHCP interface configuration. However, my APs give out a 10.0.3.0/24 IP address to any client that connects to the AP.[/ul]

I would like to plug in a computer to the same switch as my APs but I would like to obtain an IP address of 10.0.3.x instead of a 10.99.99.x (The same IP that my APs give out when I connect to the AP).

If this is possible, please let me know what info you need.

Thanks,

Matt

orani

New Member

You have to check your routing and also check your ipv4 rules.

From fortigate if you can ping both subnets means that you are ok with routing. You should be ok because you are saying that both of the subnets are directly connected to your fgt.

At ipv4 policy you must have at least tow rules.

1.

From port 1

To port 2

Source all

Destination all

Service all

NO NAT

2.

From port 2

To port 1

Source all

Destination all

Service all

NO NAT

Do you have this configuration already?

matanoodAuthor

New Member

Yes I do now. It is working now. Thanks

I have a new question and I just updated my post.

orani

New Member

I think that you have to configure two vlans on your switch. One will be tagged and one untagged to the port/s you want. Then you have to configure the same way at your fortigate interface.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded