ShrewLWD
Contributor

Soft-switch possible in transparent mode VDOM?

Hi everyone,

This is on a 600C, using 4.0MR3p14. Is it possible to create a soft-switch in a transparent mode VDOM?

We have a single inbound internet feed that gives us two /29 IP blocks, with VLAN tags for each (2 and 3). I have 10 internet-facing machines, 5 each on the two /29 blocks. I need to send each one of those blocks (and their tag) to their respective PCs.

I initially left port 5 in root, and created 2 transparent VDOMs (vdom-vlan2 and vdom-vlan3). I then created a VLAN for each tag (DMZ2 and DMZ3) on port 5.

I assigned ports 6,7,8,9,10 to vdom-vlan2.
I assigned ports 11,12,13,14,15 to vdom-vlan3.

I then tried to soft-switch: DMZ2, 6,7,8,9,10 (VLAN2Switch) and DMZ3, 11,12,13,14,15 (VLAN3Switch). As long as I created this in a config file and uploaded it, it worked (traffic flowed)... until the device was rebooted. Then it broke the soft-switch up again.

Is there a better way to get these 10 machines talking to port 5? They are all statically assigned. Also, I know soft-switch forces the CPU to get involved so hardware acceleration is lost, so maybe I'm going down the wrong path.

Any assistance would be greatly appreciated!
ShrewLWD
Contributor

Mmm, I think I solved it. I left everything as is, except I created a zone with ports 6,7,8,9,10 in vdom-vlan2, and a zone with ports 11,12,13,14,15 in vdom-vlan3. That appears to allow traffic to flow just fine between port 5 and all those ports individually.

Anything I should be cautious about, doing it this way? Will this make as big of a hit to the CPU as a soft-switch?