FortiGate Version 3.0 MR4 Administration Guide
102 01-30004-0203-20070102
VLANs in Transparent mode System Network
To add a VLAN subinterface in Transparent mode
The VLAN ID of each VLAN subinterface must match the VLAN ID added by the
IEEE 802.1Q-compliant router or switch. The VLAN ID can be any number
between 1 and 4096. You add VLAN subinterfaces to the physical interface that
receives VLAN-tagged packets.
1 Go to System > Network > Interface.
2 Select Create New to add a VLAN subinterface.
3 Enter a Name to identify the VLAN subinterface.
4 Select the physical interface that receives the VLAN packets intended for this
VLAN subinterface.
5 Enter the VLAN ID that matches the VLAN ID of the packets to be received by this
VLAN subinterface.
6 Select which virtual domain to add this VLAN subinterface to.
See “Using virtual domains” on page 61 for information about virtual domains.
7 Configure the administrative access, and log settings as you would for any
FortiGate interface.
See “Interface settings” on page 72 for more descriptions of these settings.
8 Select OK to save your changes.
The FortiGate unit adds the new subinterface to the interface that you selected.
9 Select Bring up to start the VLAN subinterface.
To add firewall policies for VLAN subinterfaces
Once you have added VLAN subinterfaces you can add firewall policies for
connections between VLAN subinterfaces or from a VLAN subinterface to a
physical interface.
1 Go to Firewall > Address.
2 Select Create New to add firewall addresses that match the source and
destination IP addresses of VLAN packets.
See “About firewall addresses” on page 235.
3 Go to Firewall > Policy.
4 Add firewall policies as required.
Note: A VLAN must not have the same name as a virtual domain or zone.
To Next Page
Loading...
