crlic
New Member
May 8, 2024
Question

L2 Traffic Forwarding


Hello,

We have the following setup:

[Image: Screenshot 2024-05-08 111556.png]

Today, there is no firewall separating the switches. Our main goal is to make sure that PC1 is able to connect to PC2 using LAYER2 TRAFFIC (no DG) ONLY.

Is it possible to achieve this goal based on the following facts:

1. There's a trunk interface between the switches and the firewall.

2. The VLANs under the trunk are L3.

3. I can't add any more physical ports.

Can I configure VLAN 100 as layer 2 so that broadcast traffic will be forwarded?

2 replies

ozkanaltas
Valued Contributor III
May 8, 2024

Hello @crlic,

You can achieve this request in two ways.

First, you can connect the switches back to back. Second, you can use FortiGate interfaces as a software switch.

You can find more information about software switches at these links:

https://docs.fortinet.com/document/fortigate/7.4.3/administration-guide/277799/software-switch

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configuring-software-switch/ta-p/197786

AEK
SuperUser
May 8, 2024

Hi

In addition to Atlas' suggestion, as an alternative you should be able to achieve this using a virtual wire pair.

https://docs.fortinet.com/document/fortigate/7.4.3/administration-guide/166804/virtual-wire-pair

Or a transparent VDOM.

https://docs.fortinet.com/document/fortigate/6.2.16/cookbook/986787/nat-and-transparent-mode

So you have a choice depending on your design and requirements.

AEK