Hello to all,
I have a difficult task to do. I need to create the same subnets for multiple endpoint users and isolate those subnets without using multiple routers/firewalls.
Can't figure out how to do it and if it is possible in the first place.
Thank you.
Created on 10-11-2022 08:44 AM Edited on 10-11-2022 08:46 AM
OK initially it sounded like you just wanted to separate the traffic from the equipment that was being worked on to avoid duplicate IP warnings and issues. Now it sounds like you want these pieces of equipment to be able to route through the firewall. Is that the case? As in these pieces of equipment need to be able to reach outside networks, not just the technician's laptop?
But if you only need local access from tech laptop to equipment, you do not need to create the L3 interface on the FGT.
If you need devices to route beyond the FortiGate you will probably need to use VDOMs.
If you do not need devices to route beyond the FGT, why can't you create one VLAN for the equipment to plug into (with a primary IP only) and another VLAN for the tech laptop to plug into (with a primary IP only)? I'm not sure why you are trying to use secondary IP addresses.