Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
maher
New Contributor

Created on ‎03-30-2017 07:30 AM

VLAN creation on Fortigate

hi,

I am a beginner in the world of Fortigate, I have a Fortigate 100D and unmanaged switches (switch L2 only), is this Fortigate can be a VLANs server, ie create and manage the VLANs without the need for an L3 switch? I tried to create VLANs nd enable DHCP to distribute IP addresses to workstations, but none of my clients receive the IP address?

 

 

best regard,

5818
0 Kudos
6 REPLIES 6
rwpatterson
Valued Contributor III

Created on ‎03-30-2017 08:19 AM

Although the switch may not be managed, is it VLAN aware? If you pass VLAN traffic, does it get forwarded without getting clobbered?

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
2930
0 Kudos
ede_pfau
SuperUser
SuperUser
In response to rwpatterson

Created on ‎03-30-2017 08:24 AM

VLAN is not L3 but L2.

And yes, your switches need to be able to handle VLAN traffic. On the FGT, you are able to create tagged VLAN ports.

Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
2930
0 Kudos
maher
New Contributor
In response to ede_pfau

Created on ‎03-30-2017 08:31 AM

thank you for your reply

 

2930
0 Kudos
ede_pfau
SuperUser
SuperUser
In response to maher

Created on ‎03-30-2017 08:37 AM

As I said, if your switches are not VLAN-aware (they need not be managable for this) they won't pass VLAN traffic. On the FGT, you can create (I think that's what you mean) VLAN ports, even several different ones on one physical port (i.e., a VLAN trunk).

VLANs are not primarily a security feature. Rather, they create isolated broadcast domains to contain broadcast traffic and thus conserve bandwidth.

You will need a routing instance on your LAN if you want to communicate between VLANs. And yes, a FGT can do that for you.

Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
2930
0 Kudos
maher
New Contributor
In response to ede_pfau

Created on ‎03-30-2017 08:44 AM

Perfect, that's what I want, thanks

2930
0 Kudos
maher
New Contributor
In response to rwpatterson

Created on ‎03-30-2017 08:28 AM

hi, 

thank you for your response

 

It's a scenario I'm going to do in the next few days, and it's not done yet. I plan to cite 2 VLANs, one for server and another for workstations, it's security issue. Since I do not have a manageable switch to create VLANs, my question is: Is what I can create in the Fortigate?

 

best regards,

2930
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.