Dear community,

I'm pretty new to networking and fortigates in general (less than a year of experience).

I've been recently assigned a project and i have some questions which I'd love some expert opinions on.

Basically we recently moved 2 HPE servers to a local datacenter, those servers have XCP installed and some VMs have been deployed which include databases of an external partner. Those databases will need to be accessed from the partners side with public IPs and their next hop would be our gateway on Fortigate.

The issue here is that we don't want to use natting for the addresses so we can avoid having to interact with the NOC teams of the datacenter company or the partner company so we have full control.

I have been instructed to statically route the VMs (around 8 machines).

The datacenter has provided us a public ip 185.x.x.x with 255.255.255.0 subnet mask and .254 gateway

that will be the IP attached to my wan address on the FortiGate.

A routed subnet has also been provided 185.y.y.144/28

How would i be able to attach the server to a port on the fortigate and its vms can use the routed /28 subnet?  For example the vms should have IPs 185.y.y.145, 185.y.y.146 and so on.

Would i need to simply add the routed /28 subnet as a software switch on a port, connect the server to that port so the XCP would get .144 IP and then just statically assign the rest of the IPs to the VMs inside XOA? (Along with static routes and firewall rules of course on the forti)

Apologies if my request sounds confusing and thanks in advance for any help

Regards