Fortinet 50A 102 , Adding routes in Transparent mode, Configuring the routing table

102 Fortinet Inc.

Configuring routing Network configuration

7Set Device #2 to the FortiGate interface through which to route traffic to connect to

Gateway #2.

You can select the name of an interface or Auto (the default). If you select the name of

an interface, the traffic is routed to that interface. If you select Auto the system selects

the interface according to the following rules:

• If the Gateway #2 IP address is on the same subnet as a FortiGate interface, the

system sends the traffic to that interface.

• If the Gateway #2 IP address is not on the same subnet as a FortiGate interface,

the system routes the traffic to the external interface, using the default route.

You can use Device #2 to send packets to an interface that is on a different subnet

than the destination IP address of the packets without routing them using the default

route.

8Select OK to save the route.

Adding routes in Transparent mode

Use the following procedure to add routes when operating the FortiGate unit in

Transparent mode.

To add a route in Transparent mode

1Go to System > Network > Routing.

2Select New.

3Enter the Destination IP address and Netmask for the route.

4Enter the Gateway IP address for the route.

5Select OK to save the new route.

6Repeat steps 1 to 5 to add more routes as required.

Configuring the routing table

The routing table shows the destination IP address and mask of each route that you

add, as well as the gateways and devices added to the route. The routing table also

displays the gateway connection status. A green check mark indicates that the

FortiGate unit has used the ping server and dead gateway detection to determine that

it can connect to the gateway. A red X means that a connection cannot be established.

A blue question mark means that the connection status is unknown. For more

information, see “Adding a ping server to an interface” on page 97.

The FortiGate unit assigns routes using a best match algorithm based on the

destination address of the packet and the destination address of the route. To select a

route for a packet, the FortiGate unit searches the routing table for a route that best

matches the destination address of the packet. If a match is not found, the FortiGate

unit routes the packet using the default route.

Note: Any two routes in the routing table must differ by something other than just the gateway to

be simultaneously active. If two routes added to the routing table are identical except for their

gateway IP addresses, only the route closer to the top of the routing table can be active.

Note: Arrange routes in the routing table from more specific to more general. For information

about arranging routes in the routing table, see “Configuring the routing table”.