FortiGate(WiFi) static routes problems

Forum|Forum|3 years ago
February 9, 2023
1 reply
2608 views

FortiWiFi 60E v7.2.3

Configuration:

Hardware Switch: "internal" (7 ports)

Software Switch: "lan" ("internal" + wfi SSID)

7 VLANs on the interface "internal"

lan: 10.10.5.2/24

Static routes that do not work for me like the following:

Destination: 10.0.3.0/24

Gateway 10.10.5.15

Interface: lan

and others that have similar configuration with the Gateway IP: 10.10.5.15

10.10.5.15 is the linux server with the lxc containers on it:

lxc bridge IP: 10.0.3.1

10.0.3.20 - IP of one of the lxd/lxc containers

10.0.3.20 is reachable only from the 10.10.5.0 subnet and not from any other VLANs.

inter-VLAN routing works where I allowed it to work.

This static route works on the pfSense router/firewall and Ubiquiti EdgeRouter.

I am, basically, replicating the pfSense configuration to FortiWiFi. It seems everything works besides those static routes with the 10.10.5.15 gateway.

What am I missing in my setup?

Thanks.

FortiGate

gfleming

Staff

Do you have firewall policies allowing the inter-VLAN routing?

lk777Author

Visitor III

Hi Graham,

All VLANs see each other ( for the troubleshooting purposes, I have temporarily disabled some rules which blocked inter-VLAN routing for some VLANs). As of now, all VLANs have rules which allow access from any incoming interface and from all sources.

gfleming

Staff

I think your problem is the VLANs are assigned to your hardware switch when in reality you need to have them assigned to your software switch. Can you try with VLAN assigned to software switch instead?

You can also try breaking your software switch if you don't need your wireless interface bridged to your hardware switch.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded