atifali681
Explorer III
May 29, 2025
Question

How to create and communicate subnets like 10.20.30.0/24, 10.20.28.0/24, 10.20.29.0/24 on FortiGate FW


How to create and communicate subnets like 10.20.30.0/24, 10.20.28.0/24, 10.20.29.0/24 on FortiGate HA firewalls, whereas the access switches are Cisco with only the default configuration, having VLAN 1 passed. In the current scenario, subnet 10.20.30.0/24 is working fine with multiple firewall policies.

 

If we create multiple networks on the firewall, how can we control users if static IPs are assigned to wired PCs/nodes while creating security policies and firewall policies?

2 replies

knaveenkumar
Staff
May 29, 2025

Hi,

Create a VLAN and assign these subnets to a particular VLAN.

Create a policy and allow them.

-Naveen

ede_pfau
SuperUser
May 29, 2025

I am truly confused...where to start?

You create VLANs in Network - Interfaces, Create, VLAN. You _have_ to enter an IP address, like 10.20.30.1/24. The .1 becomes the VLAN's gateway, the /24 determines its size.

Always enable Ping on any interface you create. Check connectivity by pinging your gateway from the host.

If you like, you can create a DHCP server on that same page, so that your hosts get addresses assigned (instead of static addresses).
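The GUI steps from the replies above (VLAN interface with a gateway address, ping enabled, optional DHCP server, then a policy) written as FortiOS CLI. This is an added example, not part of either reply. Assumptions: the parent port is `port1`, the VLAN ID is 28, the switch uplink carries that tag, and all object names and address ranges are constructed; lines starting with `#` are annotations to leave out when pasting.

```fortios
# 1. VLAN sub-interface: 10.20.28.1 becomes the gateway for 10.20.28.0/24
config system interface
    edit "vlan28"
        set vdom "root"
        set type vlan
        set interface "port1"
        set vlanid 28
        set ip 10.20.28.1 255.255.255.0
        set allowaccess ping
    next
end

# 2. Optional DHCP server on the same interface (instead of static addresses)
config system dhcp server
    edit 0
        set interface "vlan28"
        set default-gateway 10.20.28.1
        set netmask 255.255.255.0
        config ip-range
            edit 1
                set start-ip 10.20.28.100
                set end-ip 10.20.28.200
            next
        end
    next
end

# 3. Address object for a block of statically addressed PCs
config firewall address
    edit "vlan28-static-pcs"
        set type iprange
        set start-ip 10.20.28.2
        set end-ip 10.20.28.10
    next
end

# 4. Policy: allow only that range, only ping, and log it
config firewall policy
    edit 0
        set name "vlan28-static-to-lan"
        set srcintf "vlan28"
        set dstintf "port1"
        set srcaddr "vlan28-static-pcs"
        set dstaddr "all"
        set action accept
        set schedule "always"
        set service "PING"
        set logtraffic all
    next
end
```

Only `ping` is listed under `allowaccess`, so the gateway answers connectivity checks without exposing the management GUI or SSH to hosts in the VLAN.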

atifali681
Explorer III
June 2, 2025

Thanks for sharing knowledge @ede_pfau

Yes, I have already done the configuration for this network. What if I need to add a further 3 networks on the firewall, 10.20.31.0/24, 10.20.29.0/24 and 10.20.28.0/24, and all these networks will be attached via Cisco switches having VLAN 1, and the switch is directly connected to the firewall? We need to manage all traffic from the firewall. I mean there are no VLANs at the layer 2 level. Gateways are directly on the firewall. The client doesn't want to perform a long activity for VLAN segregation currently.

atifali681
Explorer III
June 2, 2025
 

I mean, if I want to run 3 other /24 subnets on the firewall using the same one LAN interface on the firewall, is it possible? If possible, then how can I manage the policies for users/nodes? Either by defining IP address pools like 10.20.30.2 to 10.20.30.10, etc.