Fortinet 118 FortiWeb 5.0 Patch 6 Administration Guide
whether the device receiving a packet operates at Layer 2 or Layer 3 of the network, this tag
may be added, removed, or rewritten before forwarding to other nodes on the network.
For example, a Layer 2 switch or FortiWeb appliance operating in true transparent proxy mode
would typically add or remove a tag when forwarding traffic among members of the VLAN, but
would not route tagged traffic to a different VLAN ID. In contrast, a FortiWeb appliance
operating in reverse proxy mode, inspecting the traffic to make routing decisions based upon
higher-level layers/protocols, might route traffic between different VLAN IDs (also known as
inter-VLAN routing) if indicated by its policy, such as if it has been configured to do
content-based routing.
Cisco Discovery Protocol (CDP) is supported for VLANs, including when FortiWeb is operating
in either of the transparent modes.
To configure a VLAN subinterface
1. Go to System > Network > Interface.
To access this part of the web UI, your administrator's account access profile must have
Read and Write permission to items in the Network Configuration category. For details, see
“Permissions” on page 47.
2. Mark the check box next to the physical network interface associated with the physical
network port where you want to create the VLAN subinterface.
3. Click Create New.
A dialog appears.
4. Configure these settings:
Setting
name
Description
Name Type the name (such as vlan100) of this VLAN subinterface that
can be referenced by other parts of the configuration. Do not use
spaces or special characters. The maximum length is 15
characters.
Tip: The name cannot be changed once you save the entry. For a
workaround, see “Renaming entries” on page 58.
Interface Select the name of the physical network port with which the VLAN
subinterface will be associated.