Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
zekebashi
New Contributor

Created on ‎05-27-2021 04:57 PM

Internal Interfaces

Hello,

 

I am new to Fortinet firewalls so excuse my shortcomings. 

 

We have a FortiGate 60B and I am trying to understand how 4 internal ports are assigned the same IPv4 address. When I check under the "Unit Operation" where this section shows the front ports of the firewall. There are 4 ports that are labeled "INT1, INT2, INT3, INT4" all of them are showing green. When I hover the mouse on each one of them, it shows it is assigned an IP address (192.168.254.254/24). However, when I click on the "Network" option, Interface tab, there is a single interface called internal and it is assigned IP address: 192.168.254.254/24.

 

I am confused as to how 4 ports can be assigned the same IP address if they are not configured as Layer 2 interfaces!!

 

I was wondering if someone can clarify that for me or guide me in the right direction.

 

Best,

~sK

6616
0 Kudos
3 REPLIES 3
sw2090
SuperUser
SuperUser

Created on ‎05-31-2021 01:37 AM

This is Fortinet Factory Default :)

All internal ports are configured to be one (virtual) switch. The interface "internal" you see is the switch itself. That does have the IP Address you mentioned. 

The ports themselves do not have an ip address because they are only switchports now.

If you want them to be on their own you will have to delete the switch interface (or remove one or more Ports from it). Then you will see internal1,2,... in interface view and they will be handled each as an own interface. 

 

hth

Sebastian

-- 

"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

-- "It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
6224
0 Kudos
LukeLuke1979
New Contributor
In response to sw2090

Created on ‎10-21-2023 06:21 AM

Hello, I have the same problem on Fortigate 20c. I need to connect it on two different switch with different subnets.

Could you help me to understand if is possible configure two separated lan interfaces with two different IP ?

 

Thanks a lot

 

Greetings

4829
0 Kudos
parteeksharma
Staff
Staff
In response to LukeLuke1979

Created on ‎10-21-2023 08:02 AM

Hi LukeLuke1979,
You can configure two different IP address on two different interfaces of fortigate. To remove physical interface from Hardware/Software switch, kindly check below link and then you can configure separate IP address on those interfaces and connect switches as per your requirement: 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-add-or-remove-physical-interface-fr...

Regards,
Parteek

4820
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.