Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
srappaport
New Contributor

FGT200B - bridging interfaces

This is the first time working with a FortiGate 200B-POE. Is it possible to bridge the " switch" interface (the 8 PoE ports) with one of the ASIC accelerated interfaces? I would like to use the PoE ports for wireless access points only but keep them on the same subnet as the wired LAN and i would like the wired LAN to be connected to one of the ASIC accelerated ports. Thanks.
6 REPLIES 6
Fullmoon
Contributor III

Hi Notes from FortiOS Handbook in regards to Transparent mode (TP) In Transparent mode, the FortiGate unit is invisible to the network. All of its interfaces are on the same subnet and share the same IP address. You only have to configure a management IP address so that you can make configuration changes. You would typically use the FortiGate unit in Transparent mode on a private network behind an existing firewall or behind a router. In Transparent mode, the FortiGate unit also functions as a firewall. Firewall policies control communications through the FortiGate unit to the Internet and internal network. No traffic can pass through the FortiGate unit until you add firewall policies.

Fortigate Newbie

Fortigate Newbie
srappaport
New Contributor

Thanks, Fullmoon, however I still need to use this as a router as one of the interfaces will be a WAN connection as well, so I don' t think Transparent mode will work in this case. I appreciate the input though.
ede_pfau
SuperUser
SuperUser

Hi, this has been dealt with a couple of times already. There is a " Search" function for the forums. Look at this thread from January 2011: http://support.fortinet.com/forum/tm.asp?m=69096
Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
srappaport
New Contributor

I' m aware of the search function, used it, but only came up with FWF-60 references (perhaps my search terms were not great). I was not sure if the wlan interface is handled the same as the switch interface on the 200B and the only reference to a 200B question was left unanswered. Thanks for the reply. I' m still debating whether I truly need to keep the wireless on the same subnet or not.
ede_pfau
SuperUser
SuperUser

As far as I' ve understood this issue in the past, the main reason to incorporate WLAN into the LAN broadcast domain is when the same DHCP server (range) should be used. WLAN clients broadcast for DHCP and this is not relayed by default if the WLAN port and the LAN port are not in the same layer2. As I don' t work with WLANs right now I can' t put in any experience of my own here. But I know that there are interface settings allowing for ' forward layer 2 protocols' and ' forward broadcasts' . So maybe you can get the WLAN to work even if on a separate interface.
Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
srappaport
New Contributor

Thanks Ede. I appreciate the info.
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors