We have a pair of FortiGates in an active/passive cluster, and have created a secondary VLAN Interface for VoIP traffic.
We have Netgear switches with Auto-VoIP-VLAN enabled. This works by matching MAC prefixes.
It appears that FortiGates do not allow the MAC address of VLAN Interfaces to be modified, so I've manually configured the primary switch to use port-based VLAN to get the FortiGates and Netgear switches working. This works, but is not the most ideal solution.
So, my question is: Is there a way to change the MAC address of a VLAN Interface? Or, is there another type of Interface that would do basic LAN stuff, which would allow me to change its MAC address?
Thanks!
Hi Wws,
Yes, you are right. The VLAN interface will inherit the mac add of the underlay physical port and there is no way to modify the vlan mac add separately. However, pls review the below doc to use emac vlan, which has its unique mac address independent of the physical interface.
https://docs.fortinet.com/document/fortigate/7.6.2/administration-guide/212317/enhanced-mac-vlan
I hope this helps.
Thanks,
The HA'd VLAN Switch interface has its own MAC address, which is not based upon the underlying interface(s). I could still alter the underlying physical ports' MAC addresses, but doing so would have no impact on the switch, as it doesn't "see" those MAC addresses - it only sees the VLAN Switch's virtual MAC address.
I did take a peak at the EMAC VLAN, and quickly ran into a major issue with it: It doesn't have any DHCP server. I need a fully functional LAN, in active/passive HA, of which I can alter the MAC address. Everything I've read and tried is leading me to believe this is not possible with FortiGate...
I'm hoping someone here can prove me wrong on that.
User | Count |
---|---|
2546 | |
1354 | |
795 | |
643 | |
455 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.