Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
conu-iancu
New Contributor

Created on ‎04-18-2025 02:12 PM

Fortigate routing 2 public IP spaces

I've received IP address information from my new ISP, and it looks like I may need an additional router. They provided two public IP ranges: one labeled as the WAN, which is a /30 subnet, and another labeled as LAN, which is a /29 subnet.

From what I understand, the /29 subnet contains my usable public IP addresses, and I need to route traffic from this range through the WAN (/30) subnet.

Is it possible to configure this setup using a FortiGate firewall, while still using it as a traditional firewall—publishing services from an internal or DMZ network through the /29 public IPs? What would be the best way to approach this configuration?

Labels:
115
0 Kudos
1 REPLY 1
Toshi_Esumi
SuperUser
SuperUser

Created on ‎04-18-2025 03:56 PM

Yes, that's a very common way to provide an additional /29 subnet by any ISPs. The IP in the /30 subnet is for your WAN interface IP, while their GW device takes the other IP in two available IPs within the /30. Then you can use the /29 for your LAN side interface, or DMZ interface as you wish. Of course the FGT's DMZ interface needs to take one IP from the /29, then all devices in DMZ can use one of 5 available IPs.

 

Toshi

98
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.