beautypg.com

Adding vlan subinterfaces to a virtual domain, Adding zones to virtual domains – Fortinet FortiGate-800 User Manual

Page 150

background image

150

Fortinet Inc.

Virtual domains in Transparent mode

Network configuration

Adding VLAN subinterfaces to a virtual domain

Use the following procedure to add VLAN subinterfaces to a virtual domain. You must
add at least two VLAN subinterfaces to each virtual domain. In most configurations a
virtual domain is used to send VLAN-tagged packets received at one FortiGate
physical interface to another FortiGate physical interface (for example, from the
internal interface to the external interface). For this to occur, you must add VLAN
subinterfaces to the receiving and sending physical interfaces (for example, to the
internal and external interfaces.

To add VLAN subinterfaces to a virtual domain

1

Go to System > Network > VLAN.

2

Select the Virtual Domain to add the VLAN subinterface to.

3

Select New to add a VLAN subinterface.

4

Type a Name for the VLAN subinterface.

5

Select the interface to associate the VLAN subinterface with.
The VLAN subinterface must be added to the FortiGate interface that receives the
VLAN-tagged packets.

6

Enter a VLAN ID for the VLAN subinterface.
The VLAN ID can be any number between 1 and 4095.

7

Optionally, select a zone to add the VLAN subinterface to a zone.
To add a zone to a virtual domain, see

“Adding zones to virtual domains” on page 150

.

8

Select OK to add the VLAN subinterface.

9

Repeat these steps to add more VLAN subinterfaces to the virtual domain.

To configure management access and traffic logging for VLAN subinterfaces

1

Go to System > Network > Management.

2

Configure management access as required for the VLAN subinterfaces that you have
added.
You can select HTTPS, PING, SSH, SNMP, HTTP, or TELNET.

3

Select Log to configure traffic logging for the VLAN subinterfaces that you have
added.

Adding zones to virtual domains

Add zones to a virtual domain to group together related VLAN subinterfaces. Use
zones to simplify firewall policy creation if you have many VLAN subinterfaces in a
virtual domain. For more information about zones, see

“Configuring zones” on

page 137

. Use the following procedure to add a zone to a virtual domain.

See also other documents in the category Fortinet Hardware: