Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
prince
New Contributor III

Created on ‎05-09-2024 06:05 AM

Vdom setup with ISP LAN pool

Dear support,

we need to setup vdom for current network setup and our configuration is to use the ISP-provided LAN IP pool (1.1.2.2/29 subnet) in vdom ,

Currently, our Fortinet firewall's WAN interface is configured with the WAN IP pool address (1.1.1.1/30), and it's functioning seamlessly. However, we now aim to utilize the ISP-provided LAN IP pool (1.1.2.2/29) for vdom internet connectivity using IP addresses within this subnet. we need to setup this for separate network. we need to use ISP provided one of the Lan pool iP address for WAN interface in VDOM. i need your support for this. can anyone share how to configure this.

Labels:
531
0 Kudos
14 REPLIES 14
Toshi_Esumi
SuperUser
SuperUser
In response to Toshi_Esumi

Created on ‎05-09-2024 11:31 AM

And that's why you need to use vdom-link/npu-vlink to connect those client VDOMs to root vdom to route through. Then you can use the /31 subnet for both sides of vdom-link/npu-vlinks.

224
0 Kudos
prince
New Contributor III
In response to Toshi_Esumi

Created on ‎05-09-2024 11:23 PM

shall i assign this /29 ip address as lan laptop in firewall and connect this to cisco switch by creating separate vlan and connect the vlan to vdom interface as wan?

124
0 Kudos
Toshi_Esumi
SuperUser
SuperUser
In response to prince

Created on ‎05-10-2024 07:13 AM

No. Each client VDOM is an independent router and the root VDOM is just a transit or a part of internet. You need to set NAT at the client VDOM and all LAN side would have private IPs. And the link between root VDOM and the client VDOM need to have the /31 public subnet.

Toshi

108
0 Kudos
prince
New Contributor III
In response to Toshi_Esumi

Created on ‎05-10-2024 05:38 AM

Hi Toshi,

I have configured ISP provided /29 IP address in the FortiGate interface as vlan4 and in cisco i have configured 3 vlan4 port .now in one vlan4 port i connected a laptop and check i can able internet from  /29 IP address. and i connected this vlan4  to port 8 to vdom interface as wan. and in port 6 i configured lan interface for this vdom. and i created policy from lan to wan and allowed all the service and enable nat in this. but after connecting to this vdom created lan internet is not working. i need your support.

 

118
0 Kudos
Toshi_Esumi
SuperUser
SuperUser
In response to prince

Created on ‎05-10-2024 07:34 AM

This is how you could set up multiple VDOMs for clients. You never answered my question how many you need.

Toshi
vdoms.png

106
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.