Hello! Guys, need help to solve the problem. There is one ISP, one cable is connected to the first port of FG300D. I have a block of IP addresses – for NAT and Transparent modes. I need to create 2 VDOMs - one of them will work in NAT mode, the other will be in Transparent. Unable to add already used by root VDOM WAN interface to the second VDOM (Transparent). Is it possible?
I’m sorry for my English - I am doing my best )))
Solved! Go to Solution.
Actually you don´t need to enter any IPs, if you dont have special needs for them, just make sure your routing is correct and pointing to the vdom-link for the netoworks behind them
If you do the other way around, your asterisk would still need to enter the NAT vdom to reach the Internet ?
FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C
Hi Maxim,
What you can do is to create a VDOM in transparent mode, add the pshysical interface to that vdom, then create a VDOM in NAT mode and create a inter-vdom link between the NAT and TP VDOM.
In this way you can share that interface with other VDOMs.
An pshysical interface can only me member of one vdom, but you can create VLANs in multiple VDOMs.
FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C
Hi Selective!
Thank you for your answer!
Can i do it vice versa? I already have root VDOM with NAT. I created second VDOM - transparent. Im trying to create link between them. Wich ip-address should i place into root vlink?
Unfortunatly my ISP cant give me vlans...
I have problems with Asterisk - that is why I decided to create Transparent VDOM.
Actually you don´t need to enter any IPs, if you dont have special needs for them, just make sure your routing is correct and pointing to the vdom-link for the netoworks behind them
If you do the other way around, your asterisk would still need to enter the NAT vdom to reach the Internet ?
FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C
Dear Selective!
You are the man! Your scheme is working! Thank you very much!
FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1738 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.