Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
zekebashi
New Contributor

Internal Interfaces

Hello,

 

I am new to Fortinet firewalls so excuse my shortcomings. 

 

We have a FortiGate 60B and I am trying to understand how 4 internal ports are assigned the same IPv4 address. When I check under the "Unit Operation" where this section shows the front ports of the firewall. There are 4 ports that are labeled "INT1, INT2, INT3, INT4" all of them are showing green. When I hover the mouse on each one of them, it shows it is assigned an IP address (192.168.254.254/24). However, when I click on the "Network" option, Interface tab, there is a single interface called internal and it is assigned IP address: 192.168.254.254/24.

 

I am confused as to how 4 ports can be assigned the same IP address if they are not configured as Layer 2 interfaces!!

 

I was wondering if someone can clarify that for me or guide me in the right direction.

 

Best,

~sK

3 REPLIES 3
sw2090
SuperUser
SuperUser

This is Fortinet Factory Default :)

All internal ports are configured to be one (virtual) switch. The interface "internal" you see is the switch itself. That does have the IP Address you mentioned. 

The ports themselves do not have an ip address because they are only switchports now.

If you want them to be on their own you will have to delete the switch interface (or remove one or more Ports from it). Then you will see internal1,2,... in interface view and they will be handled each as an own interface. 

 

hth

Sebastian

-- 

"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

-- "It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
LukeLuke1979

Hello, I have the same problem on Fortigate 20c. I need to connect it on two different switch with different subnets.

Could you help me to understand if is possible configure two separated lan interfaces with two different IP ?

 

Thanks a lot

 

Greetings

parteeksharma

Hi LukeLuke1979,
You can configure two different IP address on two different interfaces of fortigate. To remove physical interface from Hardware/Software switch, kindly check below link and then you can configure separate IP address on those interfaces and connect switches as per your requirement: 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-add-or-remove-physical-interface-fr...

Regards,
Parteek

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors