Hello,
I have several vlans routing themselves in a L3 switch, which has a default gateway point to fortigate 100d for off-site traffic.
I'm unable to create policies based by device. The only device I see is naturally the switch.
The way I see it i can:
- stop using vlans and use a flat lan (not preferred)
- Use the Fortigate as the L3 routing (i'm talking about a factory with 100+ devices, concerned about performance)
- use FSSO and use AD groups ( :\ )
I'm looking for advice on better solution.
Thank you
David
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello,
If by "device" you refer to Fortigate's device detection method, you have the following options:
1) Replace your L3 Swtch with a Fortiswitch.
2) Use your own Fortigate for inter-vlan routing (as you pointed out).
3) Install Forticlient on your endpoints so they can register to the Fortigate.
I hope that helps.
NSE5, CCSE, CCNA R&S, CompTIA A+, CompTIA Network+, CompTIA Security+, MTA Security, ITIL v3
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1517 | |
1013 | |
749 | |
443 | |
209 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.