leslie8888
New Contributor

Adding Cisco Layer 3 switch & creating 3 new VLANs. Changes to be made on Fortigate 200D?

Hi Everyone,

I've just joined this new company and am new to FortiGate, as my previous companies all used Palo Alto firewalls. I hope that the experts here can guide me on the changes to be made when we add a new Cisco Layer 3 switch and create 3 new VLANs. Below are diagrams of the current setup and the new setup after the Layer 3 switch is added. Can somebody tell me, in point form, what changes I need to make on the FortiGate 200D so that the LAN users work properly and VPN clients are able to route and connect to the new VLANs? The DHCP server on the FortiGate will still remain until the new AD is up, so the LAN users will need to be able to grab IPs from the DHCP server service on the FortiGate.

Can some experts please help me? Thanks

tanr
Valued Contributor II

I think your second diagram (of the new setup) didn't get posted.

Also, which FortiOS version is on the 200D?

leslie8888
New Contributor

Hi. This is the intended setup. Thanks, Tanr, for pointing that out.

MikePruett

Give the Layer 3 switch a default route that points to 10.10.4.1.

Give the FortiGate a route that says 10.0.0.0/8 goes to 10.10.4.2.

Give the FortiGate a route that says 192.168.0.0/24 goes to 10.10.4.2.

FortiGate maintains its default route to point all other traffic out the internet pipe.

Make sure policy is in place to allow the appropriate traffic flow.

Mike Pruett Fortinet GURU | Fortinet Training Videos
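
The routes from the reply above, modelled as an added example (not part of the thread and not any poster's code) to check where traffic ends up, including destinations inside 10.0.0.0/8 that no VLAN actually uses. Assumptions: the transit subnet is 10.10.4.0/24, the 10.10.10.0/24 and 10.10.20.0/24 VLAN subnets are constructed because the diagram is not on the page, and the device names are labels only.

```python
import ipaddress

# Routing tables as (prefix, next_hop); next_hop None = directly connected.
# Entries marked "reply" come from the answer above; the rest are constructed.
FORTIGATE = [
    ("10.10.4.0/24", None),        # assumed transit subnet (mask not on the page)
    ("10.0.0.0/8", "switch"),      # reply: 10.0.0.0/8 -> 10.10.4.2
    ("192.168.0.0/24", "switch"),  # reply: 192.168.0.0/24 -> 10.10.4.2
    ("0.0.0.0/0", "internet"),     # reply: default route stays on the internet pipe
]
SWITCH = [
    ("10.10.4.0/24", None),        # assumed transit subnet
    ("10.10.10.0/24", None),       # constructed VLAN subnet
    ("10.10.20.0/24", None),       # constructed VLAN subnet
    ("192.168.0.0/24", None),      # assumed to sit behind the switch, per the reply
    ("0.0.0.0/0", "fortigate"),    # reply: default route -> 10.10.4.1
]
TABLES = {"fortigate": FORTIGATE, "switch": SWITCH}


def lookup(table, dst):
    """Longest-prefix match: return the next hop of the most specific route."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), hop) for p, hop in table
               if addr in ipaddress.ip_network(p)]
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def trace(start, dst, max_hops=8):
    """Follow a packet from device to device; return (path, outcome)."""
    path, device = [start], start
    while len(path) <= max_hops:
        hop = lookup(TABLES[device], dst)
        if hop is None:
            return path, "delivered"          # destination is directly connected
        if hop not in TABLES:
            return path + [hop], "left the network"
        if hop in path:
            return path + [hop], "loop"       # packet bounces until TTL expires
        path.append(hop)
        device = hop
    return path, "hop limit"


if __name__ == "__main__":
    for dst in ("10.10.20.5", "10.10.4.2", "10.99.1.1", "8.8.8.8"):
        print(dst, *trace("fortigate", dst))
```

The 10.99.1.1 case loops because the FortiGate's /8 sends it to the switch and the switch's default route sends it straight back. Narrowing the FortiGate routes to the VLAN subnets that actually exist, or adding a discard route for 10.0.0.0/8 on the switch, removes the loop.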