Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Dratcliffe
New Contributor

Help with getting VDOM-NAT and VDOM-Transparent to share same WAN port?

Hello all, sorry for the post. I have been looking into it for a couple of days and I need a solution ASAP. A client of mine had a firewall onsite that gave out. The device is non functional so I couldn't pull the config settings. I have used Fortigates at several other clients and replaced it with this, but I am having some issues.

 

Their ISP provides them 4 static public IP addresses on a single DSL line, and at the moment only 2 are being used.

DSL goes into Frontier Modem (Bridged mode) to the WAN 1 of the fortigate.

 

Public IP: 1.1.1.1-4

Subnet: /24

Gateway 1.1.1.0

 

WAN1 on fortigate: 

 

IP/Sub: 1.1.1.1/24

Gateway: 1.1.1.0

 

I need Lan ports 1,2,3 and 5 to go to the Network Devices (Computers etc.) and Lan port 4 to go to a 3rd party Firewall's Wan1 port.

 

I have set up a VDOM-Root(NAT) and VDOM-3rdParty(Transparent)

I have also set up a vlink from root to 3rdparty using no IP addresses. (0.0.0.0/0.0.0.0)

 

Interfaces on VDOM-Root: Wan1, lan 1, 2, 3 ,4, 5, vlink 0

Interfaces on VDOM-3rd Party: lan 4, vlink1

 

Third party WAN 1: 1.1.1.3

Sub: /32

Gateway: 1.1.1.0

 

VDOM-Root is functioning properly.

VDOM-3rd Party is not communicating out.

 

I know I am either missing something or confused how VDOMs are supposed to work. Please let me know if yall can be of any assistance

 

 

 

 

1 REPLY 1
FortiKoala
Staff
Staff

It looks like you need to create an intervdom link from 3rd party to wan1 root port http://kb.fortinet.com/kb/viewAttachment.do?attachID=inter_vdom_new.pdf&documentID=FD36065

Labels
Top Kudoed Authors