Hi all, I need some help with configuring VLANs on Fortigate 60E. Basically, I would like to setup Data & Voice vlan to go through site-to-site IPSEC VPN. I have setup a site-to-site IPSEC VPN tunnel between the remote site and the main site. The tunnel is up with no issues. Internal physical interface on the Fortigate 60E is set to IP 10.210.213.1/28, this can be my Data vlan, now I need to add Voice vlan 10.210.213.17/28. Can I add that as an interface->vlan type and choose the same physical interface as above that with a vlan id? And create the policies to allow vlan traffic through the vpn. Is this how you do it or am I missing something here? Thanks in advance.
I think this will answer your questions.
hi TamilStar,
Thank you for the query!
You may follow the below article for creating the VLAN interfaces on the firewall:
>> https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-create-a-VLAN-tagged-interface-802-...
+ Please make sure your other end switch it tagging the data and voice traffic with different VLANs
+ Also please make sure your Voice VLAN network 10.210.213.17/28 is allowed in the phase2 VPN as local at your end
+ Accordingly please create policies as well
Thank you!
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1849 | |
1133 | |
769 | |
447 | |
262 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.