Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
YasushiNarita
New Contributor II

Created on ‎02-19-2025 06:15 AM

what is VLAN ID 0 ? why cannot use VLAN ID 1?

Fortigate 90G FirmVer7.4.5

Default internal is VLAN ID 0.

I tried to change this VLAN ID 1,but errore poped up something like "cannont use VLAN ID 1..."

 

I want to use VLAN ID 1 ,because I want to fortigate deliver VLAN ID 1,100,200 by trunk-port to cisco L2switch.

 

How can i change VLAN ID 1 of fortigate? 

or it is not nessesary to define VLAN ID 1?

By the way, what means internal vlan id 0 is? 

 

Labels:
314
0 Kudos
6 REPLIES 6
AEK
SuperUser
SuperUser

Created on ‎02-19-2025 06:35 AM

You need to create 3 VLAN interfaces, with VLAN 1, 100 and 200.

You do it under menu Network > Interface, click "New", then select type VLAN and the appropriate ID. The 3 interfaces must be created on the physical interface that is connected to your Cisco switch as trunk interface.

AEK
AEK
307
Toshi_Esumi
SuperUser
SuperUser

Created on ‎02-19-2025 09:38 AM

https://docs.fortinet.com/document/fortigate/7.6.2/fortigate-7000f-administration-guide/729353/vlan-...

Toshi

286
AEK
SuperUser
SuperUser
In response to Toshi_Esumi

Created on ‎02-19-2025 01:42 PM

8 years in FGT and I don't know this!

I grew up in ignorance.

AEK
AEK
267
0 Kudos
Toshi_Esumi
SuperUser
SuperUser
In response to AEK

Created on ‎02-19-2025 02:33 PM

I didn't know that either until last year when I was investigating F-series "VLAN switch"'s "trunk" port issue. Probably was not written anywhere clearly until recently.

Toshi

262
0 Kudos
YasushiNarita
New Contributor II
In response to Toshi_Esumi

Created on ‎02-19-2025 04:12 PM

I've read this,as well.
I found this test below.

1. if I use VLAN switch  →cannot create VLAN ID 1.

2. if I use VLAN            →can create VLAN ID 1,

                                 though I'm worried about reserved VLAN ID document issue,

                                 which is written "Fortigate do not work as exepected."

I should not use VLAN ID 1,anyway...??

What do you think about it?
If I cannot use VLAN ID 1,it would be occuring Cisco vlan-connection problem,maybe..

242
0 Kudos
Toshi_Esumi
SuperUser
SuperUser
In response to YasushiNarita

Created on ‎02-19-2025 04:16 PM Edited on ‎02-19-2025 04:18 PM

If it says "don't use/reserved", don't use. That's FTNT's official message.
In the last VLAN switch thread, that person told us it could be configured but just didn't work.
And I'm not sure if Cisco's VLAN1 can be tagged at any interfaces. Shouldn't cause any issues connecting to FGTs as long as it's untagged (native VLAN).

Toshi

237
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.