Configuring routing

Network configuration

 

 

7Set Device #2 to the FortiGate interface through which to route traffic to connect to Gateway #2.

You can select the name of an interface or Auto (the default). If you select the name of an interface, the traffic is routed to that interface. If you select Auto the system selects the interface according to the following rules:

If the Gateway #2 IP address is on the same subnet as a FortiGate interface, the system sends the traffic to that interface.

If the Gateway #2 IP address is not on the same subnet as a FortiGate interface, the system routes the traffic to the external interface, using the default route.

You can use Device #2 to send packets to an interface that is on a different subnet than the destination IP address of the packets without routing them using the default route.

8Select OK to save the route.

Note: Any two routes in the routing table must differ by something other than just the gateway to be simultaneously active. If two routes added to the routing table are identical except for their gateway IP addresses, only the route closer to the top of the routing table can be active.

Note: Arrange routes in the routing table from more specific to more general. For information about arranging routes in the routing table, see “Configuring the routing table”.

Adding routes in Transparent mode

Use the following procedure to add routes when operating the FortiGate unit in

Transparent mode.

To add a route in Transparent mode

1Go to System > Network > Routing.

2Select New.

3Enter the Destination IP address and Netmask for the route.

4Enter the Gateway IP address for the route.

5Select OK to save the new route.

6Repeat steps 1 to 5 to add more routes as required.

Configuring the routing table

The routing table shows the destination IP address and mask of each route that you add, as well as the gateways and devices added to the route. The routing table also displays the gateway connection status. A green check mark indicates that the FortiGate unit has used the ping server and dead gateway detection to determine that it can connect to the gateway. A red X means that a connection cannot be established. A blue question mark means that the connection status is unknown. For more information, see “Adding a ping server to an interface” on page 97.

The FortiGate unit assigns routes using a best match algorithm based on the destination address of the packet and the destination address of the route. To select a route for a packet, the FortiGate unit searches the routing table for a route that best matches the destination address of the packet. If a match is not found, the FortiGate unit routes the packet using the default route.

102

Fortinet Inc.

Page 101 Page 103
Page 102
Image 102
Fortinet 50A user manual Adding routes in Transparent mode, Configuring the routing table, 102
Page 101 Page 103
Top Page Image Contents