I have the following topology:
A fortigate40F & a Fortiswitch;
I have a fiber connection coming into the switch, because I do not have sfp on the firewall.
What I want to accomplish is that my firewall communicates to my core network(VLAN102), while I have a port on the switch that is in VLAN103 so that the client that will reside on port 5 of the switch is able to communicate to a server that resides behind the gateway of my firewall ( VLAN102).
I want to protect the traffice with vDoms, one for the VLAN102 (root) and one for the VLAN103 (internal).
I have tried the following:
- create 2 vDoms
- create 2 VLANs and assign each to one of the vDOMS
- create vDOM links
- create static routes between the vDOMS ( using the vDOM links)
- assign the VLAN on the port of the switch where the client is connected.
- I am unable to view the ports/switch from the second vDOM, only on the root vDOM
- the client is unable to even ping the IP that is one the same vDOM & VLAN.
any clue where the flauw in my config is ?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi,
There are a lot of elements to check and verify here and it's not convenient to run the investigation in Forum. I would advise creating a TAC case along with the diagram and configuration and we will look into this.
Thanks,
Setup the gates as active/passive ha and use vlans to isolate your traffic. You can possibly use vdoms to further isolate and segregate your traffic but your idea to have the gates independently controlling parts of the switch is a non starter as far as I'm aware.
Hi Aqualectra,
Be aware that TAC is a break and fix team. You are starting a project from scratch so TAC is not the right way to accomplish this, but look for Professional service team help instead.
I suggest to have a clean network diagram of what you want to achieve, then start doing the settings one by one, testing them before carry on with the next steps.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1696 | |
1091 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.