Adding Cisco Layer 3 switch & creating 3 new VLANs. Changes to be made on Fortigate 200D?

leslie8888 · ‎10-05-2017

Hi Everyone,

I've just joined this new company and new to Fortigate as my previous companies are all using Palo Alto firewalls. I hope that the experts here can guide me on the changes to be made when we add in a new Cisco Layer 3 switch & creating 3 new VLANs. Below are diagrams of the current setup and new setup after the Layer 3 switch is added. Can somebody tell me what are the changes I need to make in the Fortigate 200d in point form so that the LAN users work proper and VPN clients able to route and connect to the new VLANs? DHCP server the Fortigate will still remain until the new AD is up. So the LAN users will need to be able to grab IPs from the DHCP server service from the Fortigate.

Can some experts please help me? Thanks

tanr · ‎10-05-2017

I think your second diagram (of the new setup) didn't get posted.

Also, which FortiOS version is on the 200D?

leslie8888 · ‎10-05-2017

Hi. This is the intended setup. Thanks Tanr for pointing out.

MikePruett · ‎10-11-2017

Give the Layer 3 switch a default route that points to 10.10.4.1

Give the FortiGate a route that says 10.0.0.0/8 goes to 10.10.4.2

Give the FortiGate a route that says 192.168.0.0/24 go to 10.10.4.2

FortiGate maintains it's default route to point all other traffic out the internet pipe

Make sure policy is in place to allow the appropriate traffic flow

Mike Pruett

Fortinet GURU | Fortinet Training Videos

Adding Cisco Layer 3 switch & creating 3 new VLANs. Changes to be made on Fortigate 200D?

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website