Hi,
i have problem with correct settings for VLAN mangment.
I have two subnets
LAN (192.168.0.0/24) VLAN1 (connected to D-LINK Switch)
MGM (10.10.5.1) VLAN5 (FortiSwitch)
Two switches are connected to my Firewall SonicWall on separete port (PORT0 for D-LINK, PORT4 for FortiSwitch tagged 5)
Fortiswitch is connect to my firewall on port 23 (native VLAN 1, Allowed VLAN 5)
I Create VLAN interface on Firewall and set access rules for allow all traffic (temporary) between VLAN 1 and 5
On Fortiswitch i connect two devices on port 7,25 (Native VLAN5, Allowed VLAN 5)
Communication work, i can access from LAN to MGM via ping and https and vice versa, devices inside VLAN5 also have communication beetwen each otcher.
Problem is when i try connect from LAN to FortiSwitch to managment access. I can't any ping or HTTPS.
In FortiSwitch i create VLAN5-MGM with ID 5 with ip 10.10.5.1/24 and access HTTPS,PING,SSH as physical interface select only one available internal (on System-> Network->Interface->VLAN)
On Switch->Interfaces -> internal have native VLAN 1 and Allowed VLAN 5
When i try to connect to switch from VLAN 5 (i connect to port 7 on the switch) is ok, i can access via ping, https, ssh, but not from LAN.
How i must set up switch / VLANS to connect to switch managment from LAN ?
On Router->Config->Static set up route to 0.0.0.0 0.0.0.0 via device VLAN5-MGM Gateway 10.10.5.1
Thank you in advance for your advice.
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
I managed to find a solution.
The problem was that the secondary management IP address was set to the LAN address. After removing or changing it, everything started working properly.
Hello marcin_iwa,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Kind regards,
I managed to find a solution.
The problem was that the secondary management IP address was set to the LAN address. After removing or changing it, everything started working properly.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1558 | |
1033 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.