Fortinet 100A User Manual
Page 70
70
01-28007-0068-20041203
Fortinet Inc.
Transparent mode VLAN settings
System network
To add a VLAN subinterface in Transparent mode
The VLAN ID of each VLAN subinterface must match the VLAN ID added by the IEEE
802.1Q-compliant router or switch. The VLAN ID can be any number between 1 and
4096. You add VLAN subinterfaces to the physical interface that receives VLAN-
tagged packets.
1
Go to System > Network > Interface.
2
Select Create New to add a VLAN subinterface.
3
Enter a Name to identify the VLAN subinterface.
4
Select the physical interface that receives the VLAN packets intended for this VLAN
subinterface.
5
Enter the VLAN ID that matches the VLAN ID of the packets to be received by this
VLAN subinterface.
6
Select the virtual domain to which to add this VLAN subinterface.
See
“System virtual domain” on page 131
for information about virtual domains.
7
Enable or disable using a Dynamic DNS service (DDNS). If the FortiGate unit uses a
dynamic IP address, you can arrange with a DDNS service provider to use a domain
name to provide redirection of traffic to your network whenever the IP address
changes.
8
Configure the administrative access, MTU, and log settings as you would for any
FortiGate interface.
See
“Interface settings” on page 48
for more descriptions of these settings.
9
Select OK to save your changes.
The FortiGate unit adds the new subinterface to the interface that you selected.
10
Select Bring up to start the VLAN subinterface.
To add firewall policies for VLAN subinterfaces
Once you have added VLAN subinterfaces you can add firewall policies for
connections between VLAN subinterfaces or from a VLAN subinterface to a physical
interface.
1
Go to Firewall > Address.
2
Select Create New to add firewall addresses that match the source and destination IP
addresses of VLAN packets.
See
3
Go to Firewall > Policy.
4
Add firewall policies as required.
Note: A VLAN must not have the same name as a virtual domain or zone.