FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Description This article describes how to process non-tagged packets on a transparent unit. When sending NON-Tagged packets from a Switch to a FortiGate unit in transparent mode, packets are dropped unless the receiving interface is a physical one.
Solution On FortiGate units, the physical interfaces are the only ones able to process (send and accept) non-tagged packets.
Non-Tagged packets (like VTP, CDP, ...) should never be directed to a non-physical interface, like a VLAN sub-interface. Also "stpforward" must be applied on the port configuration.