Hi i need some help.
I got a customer where we are migrating there current VOIP platform to a new one.
For the new VOIP devices we ordered a IPVPN (Private ISP subnet)
Were trying to handout that subnet from the ISP 192.168.110.2/255.255.255.0 to our VLAN 110 devices.
But i cant get it to work.
Any one got any idea how to implement this?
Help would be great!
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Created on 07-06-2022 11:57 AM
Hello @Mvthul ,
Thank you for posting on Fortinet Community Forum. As per your configuration, this will not work as you are trying to the same subnet for the trunk interface(internal 3) and the sub-interface(VLAN 110).
You would have to change the IP subnet on the trunk instead.
Thanks,
So it’s not possible to make the IP subnet coming in on internal 3 to VLAN 110 ? Even with overlapping subnets on? We need to get those devices in VLAN 110 in the 192.168.110.0/24 subnet some how. I know draytek calls it the IP routed subnet feature. But can Fortigate do this also somehow?
It's possible but has to be a separate subnet. I'm not sure how IPVPN works but I would assume they use a separate subnet from the main interface one. Are your sure about this?
Toshi
Created on 07-06-2022 12:30 PM Edited on 07-06-2022 12:31 PM
Interface3 is 192.168.110.2/255.255.255.255
But we got the whole subnet available 192.168.110.0/255.255.255.0 for our devices(from KPN RoutIT). It’s a private connection for our voip devices within the network of KPN. But they need to be in the same subnet without NAT for best experience.
Created on 07-06-2022 12:35 PM Edited on 07-06-2022 12:36 PM
The whole subnet the /24 is bound to the non-tagged interface. Each VLAN (tagged-interface) on the same physical interface are just different interfaces, which need to have a different subnet each.
Generally the same thing happens on the ISP's device side. So when they provide another interface with a different VLAN tag, they have to assign a different subnet.
Toshi
look at this as example!
I don't think you can do the same with an FGT. Or replace the DrayTek device with an FGT.
Toshi
Thanks for ur reply! Ill think of a other solution.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1633 | |
1063 | |
751 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.