Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
thatoneguysteve
New Contributor

Maximum number of entries has been reached - IPs per interface

I see now that there is a limitation of 32 secondary IPs per interface on the 90d, this seems very low.

Im on the process of using a 90D (straight routing, no NAT) as an intermediary router to a Linux based management router we have. Long story short this management router has 190 some IPs on its internal interface ranging from /30 to /24 in size that act as gateways for various networks. I cant split the gateways between different interfaces connected to a switch because we use DHCP relay and doing so would cause it to fail.

I have an Imagestream Router sitting next to me I can move this to, but would prefer the Fortigate for its visibility. (this is just routing between two interfaces, no sec profiles, not control, policy is allow all, no NAT)

Is there a way around this arbitrary limit of 32 IPs?

2 REPLIES 2
emnoc
Esteemed Contributor III

Yes, 802.1q tagging.

 

Secondary imho & experiences don't scale very will, provides very little protections between secondaries-2-secondaries or secondary-2-primary.

 

Keep in mind, with  802.1q you will have max value limits also per-chassis

 

Ken

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
thatoneguysteve
New Contributor

that will break the DHCP relay

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors