So first, you need to either move port15 to vdom OOB or configure inter vdom links between vdom root and vdom OOB
About inter-dom link, refer to this: https://docs.fortinet.com/document/fortigate/7.6.2/administration-guide/317358/inter-vdom-routing-co...
So your flow would be:
Port15 >>>> Vdom-link(root side) >>>>>Vdom-link (OOB side)>>>>Vlan20
Port15 >>>> Vdom-link(root side) >>>>>Vdom-link (OOB side)>>>>Vlan30
At root vfom you have to have bidirectional rules from port15 to vdom link and from vdom link to port15, and routing so traffic from port15 to vlans 20, 30 is forwarded to the gateway, which will be the ip address of inter-vdom link on OOB side.
At OOB vdom, you configure rules from inter-vdom link to VLAN20 and VLAN30, which are interface vlans on your firewall at OOB side.
Let me know if I can help with something else.
Dear Lima,
Thank you for your response. I am still seeking a solution to my inquiry. I have attached a file that illustrates the configuration. The Fortigate firewall is a multi-VDOM, consisting of VDOM root and VDOM oob. VDOM oob is connected to a Fortiswitch through Fortilink. The Fortiswitch is configured with two VLANs, and all ports are set as access ports for either VLAN 20 or VLAN 30, with the exception of port 24, which functions as a trunk port. There are no available ports on the Fortiswitch. My question is how to configure port 15 on the Fortigate firewall to enable access to both VLAN 20 and VLAN 30 on the Fortiswitch. Thank you in advance as I await your swift assistance.
So first, you need to either move port15 to vdom OOB or configure inter vdom links between vdom root and vdom OOB
About inter-dom link, refer to this: https://docs.fortinet.com/document/fortigate/7.6.2/administration-guide/317358/inter-vdom-routing-co...
So your flow would be:
Port15 >>>> Vdom-link(root side) >>>>>Vdom-link (OOB side)>>>>Vlan20
Port15 >>>> Vdom-link(root side) >>>>>Vdom-link (OOB side)>>>>Vlan30
At root vfom you have to have bidirectional rules from port15 to vdom link and from vdom link to port15, and routing so traffic from port15 to vlans 20, 30 is forwarded to the gateway, which will be the ip address of inter-vdom link on OOB side.
At OOB vdom, you configure rules from inter-vdom link to VLAN20 and VLAN30, which are interface vlans on your firewall at OOB side.
Let me know if I can help with something else.
Hi Lima,
I have a second challenge concerning the setup diagram provided below. In this diagram, VLAN 30 is designated as the out-of-band (OOB) management VLAN, with the corresponding OOB management network IP address being 192.168.30.0/24. Each device intended for management via the OOB network is connected to the management VLAN ports of the Forti-switch through their respective physical management ports, as illustrated in the diagram. My objective is to manage the Fortigate firewall B using its IP address, 192.168.30.10, which is configured on the physical management port. In pursuit of this objective, I attempted to configure the static route outlined below. However, I encountered an issue where the command SET DEVICE MGMT was not accepted, even after I had removed the management port from being designated as a dedicated port. Could you please advise on the most effective method to achieve my goal of managing the Fortigate firewall B through its management port?
edit 12
set dst 192.168.209.0/26
set gateway 192.168.30.1
set device mgmt
