Hi
I have the following network topology.
-Port 1 (VLAN tagged, VLAN100, VLAN200, VLAN250)
-Port 2 (VLAN tagged, VLAN100, VLAN200, VLAN250)
-Port 7 (VLAN untagged)
-Port 8 (VLAN untagged)
-Port 9 (VLAN untagged)
-Port 10 (VLAN untagged)
Now I have made different interfaces in the FortiGate and now I can make the firewall rules accordingly between the VLANs.
But now I want ports 7-10 to be treated like VLAN250 in the FortiGate. But I can't manage to configure this.
I'm new to configuring FortiGates.
Thanks for the help.
It's a 100F.
My idea was to create a vlan switch:
But this is not working. The untagged ports are not reachable. That is also clear: nowhere is it said that these VLAN 250 are...
I think it is simple, but I do not see it right now.
And I want to have only one "zone" at the firewall where the tagged and untagged ports are included.
Problem solved. I configured a separate subnet for the untagged ports.
Hi Everyone,
A port can't be tagged and untagged to the same Vlan. So if uplink between ProCurve and Cisco, the Native Vlan on Cisco should match the Default_Vlan on ProCurve (default to one). The command to change it is: SW(config-if)#switchport trunk native vlan (default_Vlan ID).
So what did you do?
The OP changed the design instead of implementing the original description. Simply configured IP/subnet on "VLAN_SWITCH" untagged/parent interface for all those ports. Then let VLAN250 sitting on the same ports.
Toshi
I created a new VLAN switch "MANAGEMENT" with the untagged ports and connected the untagged devices to these ports; in my case this was a good solution.