Transparant vdom WAN IP passthrough

Forum|Forum|9 years ago
July 14, 2016
1 reply
4620 views

So I have a Fortigate 51E running FortiOS 5.4.1

I have a root vdom running in NAT mode which has our WAN IP /29 block with 5 public WAN IP addresses.

On WAN1 I have configured the x.x.x.x/29 address and all works fine.

Now we have the need to create a DMZ/VDOM for an appliance and the 3rd party setting this up prefers to configure a WAN IP on the appliance.

We need to pass the traffic through the fortigate so we can control the speed. The WIFI network behind the appliance is not allowed to saturate the 500MB line.

So I was thinking to create a 2nd vdom in transparant mode. But how do I allow the WAN1 port in root vdom to be shared with the transparant VDOM? With VDOM links?

Is there another solution without using a vdom? We want to avoid NAT but need the WAN IP on the appliance.

5.4

MarkAuthor

New Member

Have been doing some more research, would the new Virtual Wire Pair be an option here?

root vdom (nat) - WAN1 x.x.x.81/29 (gateway is x.x.x.80/29 ISP cable modem in bridge)

1st vdom (transparant) - port4 and port5 linked together with virtual wire pair and two policys allowing traffing both ways no restrictions. port4 would go to the ISP gateway. port5 to the 3rd party appliance. They configure manually WAN IP x.x.x.82/29. It must be possible the use a bandwidth limit or port limit on this vdom so they are allowed to use half the bandwidth?

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded