Network configuration | Virtual domains in Transparent mode |
|
|
Adding VLAN subinterfaces
The VLAN ID of each VLAN subinterface must match the VLAN ID added by the IEEE
You add VLAN subinterfaces to the physical interface that receives
To add VLAN subinterfaces
1Go to System > Network > Interface.
2Select New VLAN to add a VLAN subinterface.
3Enter a Name to identify the VLAN subinterface.
The name can contain numbers
4Select the interface that receives the VLAN packets intended for this VLAN subinterface.
5Enter the VLAN ID that matches the VLAN ID of the packets to be received by this VLAN subinterface.
The VLAN ID can be any number between 1 and 4096 but must match the VLAN ID added by the IEEE
6Configure the VLAN subinterface settings as you would for any FortiGate interface.
You can add the VLAN subinterface to a zone, configure addressing, add a ping server, and configure administrative access to the VLAN subinterface. For more information, see “Configuring interfaces” on page 138.
7Select OK to save your changes.
The FortiGate unit adds the new subinterface to the interface that you selected in step 4.
Virtual domains in Transparent mode
In Transparent mode, The FortiGate unit can apply firewall policies and services, such as virus scanning, to traffic on an IEEE 802.1 VLAN trunk. The FortiGate unit operating in Transparent mode can be inserted into the trunk without making changes to the network. In a typical configuration, the FortiGate internal interface accepts VLAN packets on a VLAN trunk from a VLAN switch or router connected to internal VLANs. The FortiGate external interface forwards tagged packets through the trunk to an external VLAN switch or router. This external switch or router could be connected to the Internet. The FortiGate unit can be configured to apply different policies for traffic on each VLAN in the trunk.
147 |
