Skip to main content
mile123
mile123
New Member
April 24, 2018
Question

How to configure MGMT interface with an IP add of my LAN subnet (FG 200E)

  • April 24, 2018
  • 2 replies
  • 13413 views

Hi everyone here!

 

I am new with FG devices and I am currently working with FG 200E but I am facing a problem and I cannot find a solution for my case; I need to configure the mgmt interface with the IP x.x.x.x but I also need to configure a LAN interface with an IP add in the same subnet as the mgmt interface which seems to be a problem because I am getting this error:

 

Conflicts with 'mgmt' subnet

 

I was reading in previous post some solutions by using the ha configuration but in my case I am not using high availability, I just have to configure this single device. Is there any solution for this problem? 

 

Any answer is welcome, thanks so much for the help!

    2 replies

    Markus
    Markus
    New Member
    April 24, 2018

    Hi,

    Welcome to the Forums. You have to connect to the cli interface of the Fortigate (enable SSH on the Interface and use Putty or something similar). Use the following commands

    config system settings

        set allow-subnet-overlap enable This should do the trick.

    Toshi_Esumi
    SuperUser
    Toshi_Esumi
    SuperUser
    April 24, 2018

    Depending on how you want to use mgmt interface, but another option is to create a new vdom and move the interface from "root" to the new management vdom. That would isolate management network (I assume that's the reason you have an overlap) from all other user networks but still can manage the 200E through the interface.

    mile123
    mile123Author
    New Member
    April 24, 2018

    Hi Toshi,

     

    Thanks so much for your answer, I still have one question, I created a new VDOM called Management: do I need to configure again my mgmt port selecting this VDOM; erase the mgmt interface from root vdom and let all my other ports in the root VDOM? That will be enough to be able to manage the device remotly through mgmt port while everything is still working in my LAN?

     

    I will be waiting for your answer and thanks soooo much! 

     

     

    Toshi_Esumi
    SuperUser
    Toshi_Esumi
    SuperUser
    April 24, 2018

    When you enabled vdom-admin under global config, everything should be in root vdom (or everything you configure without enabling vdom-admin goes into root vdom). So now the mgmt interface is in root. You just need to change it to "Management" vdom you created with below:

     

    config sys int

        edit mgmt

            set vdom "Management"

        next

    end

    Terms & ConditionsAccessibility statement