Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
kikegil
New Contributor

Configuring multiples subnets in FortiWiFi 90D.

Good afternoon,

 

I'm new in the Fortinet world and I need some help setting up my FortiWiFi 90D.

 

I am trying to find a way to configure several subnets (or VLANs) in my equipment, for example, adding ports 1, 2 and 3 to one of them and ports 4, 5 and 6 to another one (with different IP ranges).

 

I have tried changing to "interface mode" ("set-internal-switch-mode interface") and creating a pair of VLANs and assigning ports to them directly (both in graphic mode and through CLI) but I did not get any results (i always get some kind of failure or directly did not appear the option in the corresponding menu).

 

If someone could give me some kind of information about it I would greatly appreciate it.

 

Thank you so much.

 

Greetings.

2 Solutions
brycemd

Armando_Gomez_Barrio

Good afternoon, 

 

exellent answer on the topic brycemd,

 

this link could help you: http://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-managing-fortiswitch-330-54/VLANconfi...

 

best regards

 

Armando 

View solution in original post

5 REPLIES 5
brycemd
Contributor II

VLANs are sub interfaces. So for what you are describing things don't really need to be VLANs from the perspective of the FortiGate since you don't need multiple networks on the interfaces.(So long as it arrives there untagged). You just need two different hardware switches.

 

Or, if you do want the packets to arrive tagged, you need to create the VLANs under the hardware switches. So the base untagged network could be whatever you want the management network to be, then the VLANs would be the actual network you want.

brycemd

For Example:

Armando_Gomez_Barrio

Good afternoon, 

 

exellent answer on the topic brycemd,

 

this link could help you: http://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-managing-fortiswitch-330-54/VLANconfi...

 

best regards

 

Armando 

kikegil

Thank you for answering so quickly.

 

At the end I've achieved to create two LANs (one for the ports 1-7 and the other one for the ports 8-14). The problem was the default configuration of the FW, that didn't permit to do it directly (you have to delete the default internal interface that is created).

 

Greetings!

kikegil

Thank you very much for the help.

 

Finally I've been able to create two different LANs(with different IP address ranges) and make them communicate correctly.

 

The problem was that I didn't remove the "software switch" interface that was created by default with the name "internal" in the FW and that was asign to all the ports (this did not allow to create new interfaces assigned to the ports individually). When I got to delete the default interface I was able to create new LANs (both software and hardware switch) with the ports.

 

Greetings!