Dear community,
I'm pretty new to networking and fortigates in general (less than a year of experience).
I've been recently assigned a project and i have some questions which I'd love some expert opinions on.
Basically we recently moved 2 HPE servers to a local datacenter, those servers have XCP installed and some VMs have been deployed which include databases of an external partner. Those databases will need to be accessed from the partners side with public IPs and their next hop would be our gateway on Fortigate.
The issue here is that we don't want to use natting for the addresses so we can avoid having to interact with the NOC teams of the datacenter company or the partner company so we have full control.
I have been instructed to statically route the VMs (around 8 machines).
The datacenter has provided us a public ip 185.x.x.x with 255.255.255.0 subnet mask and .254 gateway
that will be the IP attached to my wan address on the FortiGate.
A routed subnet has also been provided 185.y.y.144/28
How would i be able to attach the server to a port on the fortigate and its vms can use the routed /28 subnet? For example the vms should have IPs 185.y.y.145, 185.y.y.146 and so on.
Would i need to simply add the routed /28 subnet as a software switch on a port, connect the server to that port so the XCP would get .144 IP and then just statically assign the rest of the IPs to the VMs inside XOA? (Along with static routes and firewall rules of course on the forti)
Apologies if my request sounds confusing and thanks in advance for any help
Regards
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Turns out i cannot use /28 subnet on a software switch so that idea has sunk.
If anyone can point me in the right direction i'd appreciate it
I think i made myself look silly with this post haha, i used sipcalc and noticed that .144 is the network address which is why it wouldn't let me use it on the software switch, please ignore this thread completely guys, and apologies for the burnt braincells :)
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1720 | |
1095 | |
752 | |
447 | |
234 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.