Skip to main content
zekebashi
zekebashi
New Member
May 27, 2021
Question

Internal Interfaces

  • May 27, 2021
  • 1 reply
  • 10634 views

Hello,

 

I am new to Fortinet firewalls so excuse my shortcomings. 

 

We have a FortiGate 60B and I am trying to understand how 4 internal ports are assigned the same IPv4 address. When I check under the "Unit Operation" where this section shows the front ports of the firewall. There are 4 ports that are labeled "INT1, INT2, INT3, INT4" all of them are showing green. When I hover the mouse on each one of them, it shows it is assigned an IP address (192.168.254.254/24). However, when I click on the "Network" option, Interface tab, there is a single interface called internal and it is assigned IP address: 192.168.254.254/24.

 

I am confused as to how 4 ports can be assigned the same IP address if they are not configured as Layer 2 interfaces!!

 

I was wondering if someone can clarify that for me or guide me in the right direction.

 

Best,

~sK

    1 reply

    sw2090
    SuperUser
    sw2090
    SuperUser
    May 31, 2021

    This is Fortinet Factory Default :)

    All internal ports are configured to be one (virtual) switch. The interface "internal" you see is the switch itself. That does have the IP Address you mentioned. 

    The ports themselves do not have an ip address because they are only switchports now.

    If you want them to be on their own you will have to delete the switch interface (or remove one or more Ports from it). Then you will see internal1,2,... in interface view and they will be handled each as an own interface. 

     

    hth

    Sebastian

    LukeLuke1979
    LukeLuke1979
    Visitor III
    October 21, 2023

    Hello, I have the same problem on Fortigate 20c. I need to connect it on two different switch with different subnets.

    Could you help me to understand if is possible configure two separated lan interfaces with two different IP ?

     

    Thanks a lot

     

    Greetings

    parteeksharma
    Staff
    parteeksharma
    Staff
    October 21, 2023

    Hi LukeLuke1979,
    You can configure two different IP address on two different interfaces of fortigate. To remove physical interface from Hardware/Software switch, kindly check below link and then you can configure separate IP address on those interfaces and connect switches as per your requirement: 

    https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-add-or-remove-physical-interface-from/ta-p/190563

    Regards,
    Parteek

      Terms & ConditionsAccessibility statement