Skip to main content
alkemyst
alkemyst
New Member
November 13, 2025
Question

How can I make a VM just go out the internet?

  • November 13, 2025
  • 1 reply
  • 338 views

We need to get two VMs to bypass the Fortigate and just go straight out to the internet.

How do we do that?

1 reply

yderek
Staff
yderek
Staff
November 13, 2025

Hi, @alkemyst 

When you mention bypass FortiGate, it will depend on how your enviroment setup be

What kind of VM is that 

How will you let VM obtain Internet without FortiGate, assuming you should have another router there has public facing 

FortiGate in general, does not control how your source traffic will flow hence if you would like VMs to go out to Internet without FortiGate invovled, properly consider  how give VM different routing or path using different network in your setup 

alkemyst
alkemystAuthor
New Member
November 13, 2025

So I am new to this org.  We are using VSphere and everything has to go out the Fortigate because some internet only traffic also is tunneled (which I am not used too).  The recommendation is create a new vSwitch with it's own VLAN (I am used to just adding another VLAN to a vSwitch) and then assign it to a port on the Fortigate.  I still need to figure it out.

    ElwinBERRAR
    ElwinBERRAR
    Explorer III
    November 14, 2025

    You can absolutely do this, but those VMs need a path that doesn’t traverse the FortiGate at all. The simplest method is to create a dedicated VLAN/vSwitch in vSphere that uplinks to a router or switch offering direct internet access, instead of an interface on the FortiGate. Once that path exists, the VMs will just follow the default gateway of that new network and bypass the firewall entirely.

    Terms & ConditionsAccessibility statement