I do not know the other models, but 200B does not have Internal interface, each physical port is its own interface, hence all routing, policy access etc must be done for it

The FGT-200B comes by default with 8 ports combined into a switch - the interface is called 'switch'. On the contrary, if you need as many physical ports you have to break up the switch before doing anything else, i.e. before creating policies or address objects tied to the switch interface.

Maybe you should have a look into the concept of a 'zone' which Fortinet offers to reduce complexity. You put multiple interfaces into a zone and from then on only deal with the zone. For example, you have several VPN tunnels defined in interface-mode and all are handled in the same way, policy-wise. A zone 'VPNs' would reduce the number of policies 1:n.

The difference between a switch-interface and a zone is that zones are handled by CPU. One other difference is that a switch-interface shares Layer 2 broadcasts - you can put a physical port and a WLAN port into one switch-interface and thus have the same broadcast domain for both ports.