Fortinet black logo

Cookbook

Assigning interfaces

Copy Link
Copy Doc ID a4a06ec3-12a7-11e9-b86b-00505692583a:698358
Download PDF

Assigning interfaces

In this example, you assign two interfaces each to VDOM-A and VDOM-B: one for Internet access and one for use by the local network.

You can’t change the VDOM assignment if an interface is used in an existing FortiGate configuration. You may need to delete existing policies and routes in order to add a particular interface, as some FortiGate models have default configurations.

  1. To assign an interface that provides VDOM-A with Internet access, go to Network > Interfaces and edit an interface (in the example, wan 1).

  2. Set Virtual Domain to VDOM-A and Role to WAN.

  3. Check if your ISP provides an IP address for you to use or if the ISP equipment uses DHCP to assign IP addresses.

    • If your ISP provides an IP address, set Addressing mode to Manual and set the IP/Network Mask to that IP address.

    • If your ISP equipment uses DHCP, set Addressing mode to DHCP to allow the equipment to assign an IP address to WAN1.

  4. To assign an interface for the VDOM-A internal network, go to Network > Interfaces and edit the interface (in the example, port 1).

  5. Set Virtual Domain to VDOM-A and Role to LAN.

  6. Set Addressing Mode to Manual, assign an IP/Network Mask to the interface (in the example, 192.168.46.1/255.255.255.0), and set Administrative Access to HTTPS, PING, and SSH.

  7. If you need to assign IP addresses to devices on your internal network, enable DHCP Server.

  8. Repeat the above steps to assign interfaces to VDOM-B.

Assigning interfaces

In this example, you assign two interfaces each to VDOM-A and VDOM-B: one for Internet access and one for use by the local network.

You can’t change the VDOM assignment if an interface is used in an existing FortiGate configuration. You may need to delete existing policies and routes in order to add a particular interface, as some FortiGate models have default configurations.

  1. To assign an interface that provides VDOM-A with Internet access, go to Network > Interfaces and edit an interface (in the example, wan 1).

  2. Set Virtual Domain to VDOM-A and Role to WAN.

  3. Check if your ISP provides an IP address for you to use or if the ISP equipment uses DHCP to assign IP addresses.

    • If your ISP provides an IP address, set Addressing mode to Manual and set the IP/Network Mask to that IP address.

    • If your ISP equipment uses DHCP, set Addressing mode to DHCP to allow the equipment to assign an IP address to WAN1.

  4. To assign an interface for the VDOM-A internal network, go to Network > Interfaces and edit the interface (in the example, port 1).

  5. Set Virtual Domain to VDOM-A and Role to LAN.

  6. Set Addressing Mode to Manual, assign an IP/Network Mask to the interface (in the example, 192.168.46.1/255.255.255.0), and set Administrative Access to HTTPS, PING, and SSH.

  7. If you need to assign IP addresses to devices on your internal network, enable DHCP Server.

  8. Repeat the above steps to assign interfaces to VDOM-B.