Fortinet Community

in001 · ‎12-01-2022

Hi

I have the following network toplogy.

-Port 1 (VLAN tagged, VLAN100, VLAN200, VLAN250)
-port 2 (VLAN tagged, VLAN100, VLAN200, VLAN250)

-Port 7 (VLAN untagged)
-port 8 (VLAN untagged)
-port 9 (VLAN untagged)
-port 10 (VLAN untagged)

Now I have made different Interfaces in the Fortigate and now I can make the firewall rules accordingly between the VLANs.

But now I want port 7-10 to be treated like VLAN250 in the Fortigate. But I don't manage to configure this.

I'm new in configuring fortigates.

Thanks for the help.

in001 · ‎12-01-2022

Its a 100F.

My idea was to create a vlan switch:

But this is not working. The untagged Ports are not reachable. Is also clear nowhere is said that these vlan 250 are...

I think is simple, but I do not see it right now.

and I want to have only one "zone" at the firewall where the tagged and untagged ports are included.

in001 · ‎12-02-2022

Problem solved. I configured a own subnet for the untagged ports.

MaddyBrack · ‎12-03-2022

@in001 wrote:
Hi

I have the following network toplogy.

-Port 1 (VLAN tagged, VLAN100, VLAN200, VLAN250)
-port 2 (VLAN tagged, VLAN100, VLAN200, VLAN250)
-Port 7 (VLAN untagged)
-port 8 (VLAN untagged)
-port 9 (VLAN untagged)
-port 10 (VLAN untagged)

Now I have made different Interfaces in the Fortigate and now I can make the firewall rules accordingly between the VLANs. Thanks to made multiple changes in my videos via Alight Motion App which is extremely unbelievable.

But now I want port 7-10 to be treated like VLAN250 in the Fortigate. But I don't manage to configure this.

I'm new in configuring fortigates.

Thanks for the help.

Hi Everyone,

A port can't be tagged and untagged to the same Vlan. So if uplink between ProCurve and Cisco, the Native Vlan on Cisco should match the Default_Vlan on ProCurve (default to one). the command to change it is: SW(config-if)#switchport trunk native vlan (default_Vlan ID).

Fortinet Community

VLAN tagged and untagged Ports same firewall zone