Hello everyone! English isn't my first language as you all can see, sorry about that.
I have a difficult time with setting up - a very basic thing - another subnet in my network.
Right now my network looks something like that
A FortiWifi 90D <-> to 'Internal' connected couple of Cisco SG500X <-> to them my endpoints Network growing faster and faster and now I have to set up another subnet, so this is what I did so far: I have created a VLAN 192.168.10.x 'inside' of Internal (internal is 192.168.1.x) phisical interface, then I created couple firewall policies which I thought are enough: WAN -> VLAN Accept VLAN -> WAN Accept Internal ->VLAN Accept VLAN -> Internal Accept I though this is enough but when I plug in a PC to Internal (or SG500X) and set up NIC with VLAN IP like IP: 192.168.10.10, Subnet 255.255.255.0 GW 192.168.10.1 I cannot get access to either Internet or Internal LAN (192.168.1.x) I think I missing something obvious, can someone point me in the right direction here?
Welcome to the forums. You are now effectively treating the internal ports as trunk ports. You need to 802.1q tag the connected port on the Cisco switch (with the same VLAN number) to accept that traffic on this link in order to receive that traffic. Once this has been done, you will be able to pass traffic through the Fortigate.
I just reread what you posted. When you plug the PC into the internal port, can you PING the gateway IP on the Fortigate?
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
rwpatterson wrote:I just checked that and the answer is no. There is no ping back and on the windows machine the network status is UnidentifiedWhen you plug the PC into the internal port, can you PING the gateway IP on the Fortigate?
 
					
				
				
			
		
| User | Count | 
|---|---|
| 2648 | |
| 1405 | |
| 810 | |
| 690 | |
| 455 | 
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.