Fortinet black logo

SD-WAN / SD-Branch Deployment Guide

Home FortiGate / FortiOS 7.0.0 SD-WAN / SD-Branch Deployment Guide
7.0.0
7.0.0

Configuring VLANs in the switch controller

Configuring VLANs in the switch controller

VLANs will be created for the following items:

  • Point of Sales (POS) systems
  • Employee WiFi
  • Guest WiFi
  • Security Cameras
  • Phones

Following is a summary of the procedure:

  1. Create a VLAN. See Creating VLANs.
  2. Configure FortiSwitch ports. See Configure FortiSwitch ports.

Repeat these steps for each VLAN you will use. For example:

Branch subnet

10.0.1.0/24

Staff

10.0.1.129/26 (10.0.1.128 - 10.0.1.191)

Security Cameras

10.0.1.193/27 (10.0.1.192 – 10.0.1.223)

POS subnet

10.0.1.225/28 (10.0.1.224 – 10.0.1.239)

Voice subnet

10.0.1.241/28 (10.0.1.240 – 10.0.1.255)

Reserved for Staff wireless

10.0.1.0/25 (10.0.1.0 - 10.0.1.127)

Creating VLANs

To create VLANs in the switch controller:
  1. Go to WiFi & Switch Controller > FortiSwitch VLANs, and click Create New. The New Interface pane is displayed.
  2. Set the following options to create a VLAN for POS:
    1. Set Interface Name to POS.
    2. Set VLAN ID to 100.
    3. Set Color to Red.
    4. Set Role to LAN.
    5. In the IP/Netmask box, enter a subnet for your POS. In this example 10.0.1.225/28 is used.
    6. Enable DHCP Server for IPv4 or IPv6, if required.
    7. Enable Device detection.
    8. Enable Block intra-VLAN traffic.
  3. Click OK. The VLAN is created.

Configure FortiSwitch ports

To configure FortiSwitch ports:
  1. Go to WiFi & Switch Controller > FortiSwitch Ports.
  2. Click a port row.
  3. Click the Native VLAN column in one of the selected entries to change the native VLAN.
  4. Select the appropriate VLAN from the displayed list. The new value is assigned to the selected port.
  5. Click the + icon in the Allowed VLANs column to change the allowed VLANs.
  6. Select one or more of the VLANs (or the value all) from the displayed list. The new value is assigned to the selected port.
Previous
Next

Configuring VLANs in the switch controller

VLANs will be created for the following items:

  • Point of Sales (POS) systems
  • Employee WiFi
  • Guest WiFi
  • Security Cameras
  • Phones

Following is a summary of the procedure:

  1. Create a VLAN. See Creating VLANs.
  2. Configure FortiSwitch ports. See Configure FortiSwitch ports.

Repeat these steps for each VLAN you will use. For example:

Branch subnet

10.0.1.0/24

Staff

10.0.1.129/26 (10.0.1.128 - 10.0.1.191)

Security Cameras

10.0.1.193/27 (10.0.1.192 – 10.0.1.223)

POS subnet

10.0.1.225/28 (10.0.1.224 – 10.0.1.239)

Voice subnet

10.0.1.241/28 (10.0.1.240 – 10.0.1.255)

Reserved for Staff wireless

10.0.1.0/25 (10.0.1.0 - 10.0.1.127)

Creating VLANs

To create VLANs in the switch controller:
  1. Go to WiFi & Switch Controller > FortiSwitch VLANs, and click Create New. The New Interface pane is displayed.
  2. Set the following options to create a VLAN for POS:
    1. Set Interface Name to POS.
    2. Set VLAN ID to 100.
    3. Set Color to Red.
    4. Set Role to LAN.
    5. In the IP/Netmask box, enter a subnet for your POS. In this example 10.0.1.225/28 is used.
    6. Enable DHCP Server for IPv4 or IPv6, if required.
    7. Enable Device detection.
    8. Enable Block intra-VLAN traffic.
  3. Click OK. The VLAN is created.

Configure FortiSwitch ports

To configure FortiSwitch ports:
  1. Go to WiFi & Switch Controller > FortiSwitch Ports.
  2. Click a port row.
  3. Click the Native VLAN column in one of the selected entries to change the native VLAN.
  4. Select the appropriate VLAN from the displayed list. The new value is assigned to the selected port.
  5. Click the + icon in the Allowed VLANs column to change the allowed VLANs.
  6. Select one or more of the VLANs (or the value all) from the displayed list. The new value is assigned to the selected port.
Previous
Next