Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
AlexFerenX
New Contributor III

Created on ‎03-12-2025 05:32 PM Edited on ‎03-12-2025 05:34 PM

"vlanforward" field allowed in Routed/NAT Opmode - a bug?

Hi!

 

All KBs and documentation (except very early v5.0 Handbook) documents "vlanforward" field as being functional ONLY in VDOM configured in Transparent Opmode. However, this field is allowed to be set (using CLI/GUI/FortiManager) on a vlan-type subinterface whose VDOM is configured in NAT/Routed mode.

 

Normally, if a field is not appropriate in a particular context, FortiOS syntax disallows it to be set. So, is ability to set "vlanforward" field in subinterface with "vdom" field set to VDOM configured in NAT/Routed mode - a bug?

 

Thanks!

Labels:
143
0 Kudos
2 REPLIES 2
Toshi_Esumi
SuperUser
SuperUser

Created on ‎03-12-2025 05:43 PM

This KB:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-VLAN-forward-interface-parameter/ta-p/1930...
says only "meaningful". So I would interpret it as it's "meaningless"(antonym) if it's not TP mode and even if you configured it. I wouldn't call it a bug.

Toshi

131
0 Kudos
AlexFerenX
New Contributor III
In response to Toshi_Esumi

Created on ‎03-12-2025 06:20 PM Edited on ‎03-12-2025 06:21 PM

> So I would interpret it as it's "meaningless"(antonym) if it's not TP mode and even if you configured it.

 

What function "vlanforward" field serves within NAT/Routed Opmode?

 

> I wouldn't call it a bug.

 

The whole point of enforcing syntax is to not allow to set fields that have no function within a context or are mutually exclusive with values set for other fields - this has always been the case with FortiOS CLI. Otherwise, all fields could be set - which, luckily, isn't so.

121
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.