Adding routes in transparent mode, Configuring the routing table – Fortinet FortiGate 50A User Manual
Page 102
102
Fortinet Inc.
Configuring routing
Network configuration
7
Set Device #2 to the FortiGate interface through which to route traffic to connect to
Gateway #2.
You can select the name of an interface or Auto (the default). If you select the name of
an interface, the traffic is routed to that interface. If you select Auto the system selects
the interface according to the following rules:
• If the Gateway #2 IP address is on the same subnet as a FortiGate interface, the
system sends the traffic to that interface.
• If the Gateway #2 IP address is not on the same subnet as a FortiGate interface,
the system routes the traffic to the external interface, using the default route.
You can use Device #2 to send packets to an interface that is on a different subnet
than the destination IP address of the packets without routing them using the default
route.
8
Select OK to save the route.
Adding routes in Transparent mode
Use the following procedure to add routes when operating the FortiGate unit in
Transparent mode.
To add a route in Transparent mode
1
Go to System > Network > Routing.
2
Select New.
3
Enter the Destination IP address and Netmask for the route.
4
Enter the Gateway IP address for the route.
5
Select OK to save the new route.
6
Repeat steps 1 to 5 to add more routes as required.
Configuring the routing table
The routing table shows the destination IP address and mask of each route that you
add, as well as the gateways and devices added to the route. The routing table also
displays the gateway connection status. A green check mark indicates that the
FortiGate unit has used the ping server and dead gateway detection to determine that
it can connect to the gateway. A red X means that a connection cannot be established.
A blue question mark means that the connection status is unknown. For more
information, see
“Adding a ping server to an interface” on page 97
.
The FortiGate unit assigns routes using a best match algorithm based on the
destination address of the packet and the destination address of the route. To select a
route for a packet, the FortiGate unit searches the routing table for a route that best
matches the destination address of the packet. If a match is not found, the FortiGate
unit routes the packet using the default route.
Note: Any two routes in the routing table must differ by something other than just the gateway to
be simultaneously active. If two routes added to the routing table are identical except for their
gateway IP addresses, only the route closer to the top of the routing table can be active.
Note: Arrange routes in the routing table from more specific to more general. For information
about arranging routes in the routing table, see