• Home

  • Documents

  • USER GUIDE FortiGate VLANs and VDOMs Version 3 · PDF fileIntroduction About FortiGate VLANs...
212
www.fortinet.com FortiGate VLANs and VDOMs Version 3.0 USER GUIDE

USER GUIDE FortiGate VLANs and VDOMs Version 3 · PDF fileIntroduction About FortiGate VLANs and VDOMs FortiGate VLANs and VDOMs Version 3.0 User Guide 01-30007-83388-20081024 7 Introduction

Embed Size (px)

Citation preview

  • www.fortinet.com

    FortiGate VLANs and VDOMs Version 3.0

    U S E R G U I D E

  • FortiGate VLANs and VDOMs User GuideVersion 3.024 OCTOBER 200801-30007-83388-20081024

    Copyright 2008 Fortinet, Inc. All rights reserved. No part of this publication including text, examples, diagrams or illustrations may be reproduced, transmitted, or translated in any form or by any means, electronic, mechanical, manual, optical or otherwise, for any purpose, without prior written permission of Fortinet, Inc.

    TrademarksDynamic Threat Prevention System (DTPS), APSecure, FortiASIC, FortiBIOS, FortiBridge, FortiClient, FortiGate, FortiGate Unified Threat Management System, FortiGuard, FortiGuard-Antispam, FortiGuard-Antivirus, FortiGuard-Intrusion, FortiGuard-Web, FortiLog, FortiAnalyzer, FortiManager, Fortinet, FortiOS, FortiPartner, FortiProtect, FortiReporter, FortiResponse, FortiShield, FortiVoIP, and FortiWiFi are trademarks of Fortinet, Inc. in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

  • Contents

    ContentsIntroduction ........................................................................................ 7

    About FortiGate VLANs and VDOMs ............................................................... 7

    About this document......................................................................................... 7Document conventions.................................................................................. 7

    FortiGate documentation ................................................................................. 8

    Related documentation ................................................................................... 10Fortinet Knowledge Center ......................................................................... 10Comments on Fortinet technical documentation......................................... 10

    Customer service and technical support ...................................................... 10

    Introduction to VLANs and VDOMs................................................ 11Virtual LANs ..................................................................................................... 11

    VLAN layer-2 switching ............................................................................... 13VLAN layer-3 routing................................................................................... 15Rules for VLAN IDs ..................................................................................... 17

    Virtual Domains ............................................................................................... 18Inter-VDOM routing ..................................................................................... 18Management VDOM ................................................................................... 19Administration of VDOMs............................................................................ 19Global and VDOM settings.......................................................................... 20

    Using VLANs in NAT/Route mode.................................................. 25Configuring your FortiGate unit ..................................................................... 25

    Adding VLAN subinterfaces ........................................................................ 26Configuring firewall policies and routing...................................................... 28

    Example VLAN configuration in NAT/Route mode....................................... 29Network Layout ........................................................................................... 29Configuration overview................................................................................ 31Configuring the FortiGate unit ..................................................................... 31Configuring the VLAN switch ...................................................................... 37Testing the configuration............................................................................. 38

    Example VLAN configuration in NAT/Route mode (advanced)................... 39Network Layout ........................................................................................... 40Configuration overview................................................................................ 41Configuring FortiGate interfaces and routing .............................................. 42Configuring FortiGate firewalls .................................................................... 45Configuring the FortiGate unit IPSec VPN .................................................. 52Configuring the VPN client .......................................................................... 54Configuring the VLAN switches................................................................... 56Testing the configuration............................................................................. 57

    FortiGate VLANs and VDOMs Version 3.0 User Guide 01-30007-83388-20081024 3

  • 4

    Contents

    Using VDOMs in NAT/Route mode................................................. 61Benefits of VDOMs .......................................................................................... 61

    Easier administration .................................................................................. 61Continued security maintenance................................................................. 62Savings in physical space and power ......................................................... 62

    Getting started with VDOMs........................................................................... 63Enabling VDOM configuration..................................................................... 63Viewing the VDOM list ................................................................................ 64Creating, Disabling, and Deleting VDOMs.................................................. 66Increasing the number of VDOMs............................................................... 68Creating VDOM administrators ................................................................... 69Accessing and configuring VDOMs ............................................................ 70

    Configuring VDOMs ........................................................................................ 71Changing the management VDOM............................................................. 72Adding interfaces and VLAN subinterfaces to a VDOM.............................. 72Configuring VDOM routing.......................................................................... 75Configuring firewall policies for a VDOM .................................................... 79Configuring VPNs for a VDOM ................................................................... 81

    Example VDOM configuration ........................................................................ 82Network layout ............................................................................................ 82General configuration steps ........................................................................ 83Creating the VDOMs................................................................................... 84Configuring the FortiGate interfaces ........................................................... 85Configuring the ABCdomain VDOM............................................................ 88Configuring the DEFdomain VDOM............................................................ 91Testing the configuration............................................................................. 95

    Example VDOM configuration (advanced) .................................................... 98Network Layout ........................................................................................... 98General configuration steps ...................................................................... 100Creating the VDOMs................................................................................. 100Configuring the School VDOM.................................................................. 100Configuring the Business VDOM .............................................................. 109Configuring the VLAN switches ................................................................ 121Testing the configuration........................................................................... 123

    Inter-VDOM routing........................................................................ 125Benefits of inter-VDOM routing.................................................................... 125

    Freed-up physical interfaces..................................................................... 126More speed than physical interfaces ........................................................ 126Continued support for secure firewall policies .......................................... 126Configuration flexibility .............................................................................. 127

    FortiGate VLANs and VDOMs Version 3.0 User Guide 01-30007-83388-20081024

  • Contents

    Getting started with VDOM links .................................................................. 127Viewing VDOM links.................................................................................. 128Creating a VDOM link ............................................................................... 129Deleting a VDOM link................................................................................ 130

    Advanced inter-VDOM issues....................................................................... 131Advanced inter-VDOM routing ................


THE FORTINET SECURITY FABRIC SECURES IoT · FortiGate 60E FortiGate 30E FortiGate 80E FortiGate 1500D Fortinet’s core firewall platform, FortiGate, is powered by our purpose-built

THE FORTINET SECURITY FABRIC SECURES IoT · FortiGate 60E FortiGate 30E FortiGate 80E FortiGate 1500D Fortinet’s core firewall platform, FortiGate, is powered by our purpose-built

Documents
20081024 proceso ordinario

20081024 proceso ordinario

Internet
20081024 Some issues in Software and Services research

20081024 Some issues in Software and Services research

Technology
FortiGate® Серия 300E...FortiGate® Серия 300E Межсетевой экран FortiGate 300E и 301E FortiGate Серии 300E представляет межсетевой

FortiGate® Серия 300E...FortiGate® Серия 300E Межсетевой экран FortiGate 300E и 301E FortiGate Серии 300E представляет межсетевой

Documents
Lecture10 : VLANs

Lecture10 : VLANs

Documents
FortiGate 100E Series Data Sheet - Fortinet 100E Series 5 SPECIFICATIONS FORTIGATE 100E FORTIGATE 101E FORTIGATE 100EF FORTIGATE 140E FORTIGATE 140E-POE Hardware Specifications GE

FortiGate 100E Series Data Sheet - Fortinet 100E Series 5 SPECIFICATIONS FORTIGATE 100E FORTIGATE 101E FORTIGATE 100EF FORTIGATE 140E FORTIGATE 140E-POE Hardware Specifications GE

Documents
Mod8 vlans

Mod8 vlans

Technology
FortiGate/FortiWiFi 50E Series Data Sheet · SEE FortiGate/FortiWiFi® 50E Series FortiGate 50E, FortiWiFi 50E/-2R, FortiGate/FortiWiFi 51E and FortiGate 52E Enterprise Branch Secure

FortiGate/FortiWiFi 50E Series Data Sheet · SEE FortiGate/FortiWiFi® 50E Series FortiGate 50E, FortiWiFi 50E/-2R, FortiGate/FortiWiFi 51E and FortiGate 52E Enterprise Branch Secure

Documents
Virtual LANs. Overview VLAN Basics VLAN Types Identifying VLANs VLAN Trunking Protocol Routing between VLANs Configuring VLANs

Virtual LANs. Overview VLAN Basics VLAN Types Identifying VLANs VLAN Trunking Protocol Routing between VLANs Configuring VLANs

Documents
OMA WP Mobile Codes 20081024 A

OMA WP Mobile Codes 20081024 A

Documents
Configuring VLANs · Note: Before you create VLANs, you must decide whether to use VLAN Trunking Protocol (VTP) to maintain global VLAN ... Configuring VLANs VLANs

Configuring VLANs · Note: Before you create VLANs, you must decide whether to use VLAN Trunking Protocol (VTP) to maintain global VLAN ... Configuring VLANs VLANs

Documents
END USER VERSION - Wavelink...FortiGate-300A, 300C, 310B, 311B, 400A FortiGate-300D FortiGate-500A FortiGate-500D FortiGate-620B, 621B FortiGate-600D FortiGate-800, 800F FortiGate-600C,

END USER VERSION - Wavelink...FortiGate-300A, 300C, 310B, 311B, 400A FortiGate-300D FortiGate-500A FortiGate-500D FortiGate-620B, 621B FortiGate-600D FortiGate-800, 800F FortiGate-600C,

Documents
20081024 Bio Metrics Overview Brief

20081024 Bio Metrics Overview Brief

Documents
Configuring Routing Between VLANs · Configuring Routing Between VLANs ThismoduleprovidesanoverviewofVLANs.Itdescribestheencapsulationprotocolsusedforrouting

Configuring Routing Between VLANs · Configuring Routing Between VLANs ThismoduleprovidesanoverviewofVLANs.Itdescribestheencapsulationprotocolsusedforrouting

Documents
Resumen vlans

Resumen vlans

Education
VLANs - Anandp

VLANs - Anandp

Documents
Transparent Mode. Module Objectives By the end of this module participants will be able to: Describe FortiGate unit operating modes Describe how VLANs

Transparent Mode. Module Objectives By the end of this module participants will be able to: Describe FortiGate unit operating modes Describe how VLANs

Documents
VLANs Module 2. 2 VLANs VLANs Trunking VLAN Trunking Protocol (VTP)

VLANs Module 2. 2 VLANs VLANs Trunking VLAN Trunking Protocol (VTP)

Documents
Vlans Design

Vlans Design

Documents
FortiGate/FortiWiFi 50E Series Data Sheet · 2018. 12. 10. · FortiGate/FortiWiFi ® 50E Series FortiGate 50E, FortiWiFi 50E/-2R, FortiGate/FortiWiFi 51E and FortiGate 52E Enterprise

FortiGate/FortiWiFi 50E Series Data Sheet · 2018. 12. 10. · FortiGate/FortiWiFi ® 50E Series FortiGate 50E, FortiWiFi 50E/-2R, FortiGate/FortiWiFi 51E and FortiGate 52E Enterprise

Documents
FortiGate 200D Series - webapplicationfirewall.irwebapplicationfirewall.ir/Download/FortiGate-200D-utm-firewall.pdf · FortiGate 200D Series FortiGate 200D, 200D-POE, 240D, 240D-POE

FortiGate 200D Series - webapplicationfirewall.irwebapplicationfirewall.ir/Download/FortiGate-200D-utm-firewall.pdf · FortiGate 200D Series FortiGate 200D, 200D-POE, 240D, 240D-POE

Documents
Vlans Trunks

Vlans Trunks

Documents
VLANs Lecture

VLANs Lecture

Documents
Wireless Vlans

Wireless Vlans

Documents
VLANs Redes

VLANs Redes

Documents
Vlans Cisco

Vlans Cisco

Documents
Layer2 Vlans

Layer2 Vlans

Documents
Fortigate CookThe FortiGate Cookbook 5.2

Fortigate CookThe FortiGate Cookbook 5.2

Documents
FinalCertification Report FortiGate - FMV · Virtual machines: FortiGate-VM00, FortiGate-VM01, FortiGate-VM02, FortiGate-VM04, FortiGate-VM08 Security Target Fortinet FortiGate Next

FinalCertification Report FortiGate - FMV · Virtual machines: FortiGate-VM00, FortiGate-VM01, FortiGate-VM02, FortiGate-VM04, FortiGate-VM08 Security Target Fortinet FortiGate Next

Documents
Objectives: Chapter 8: Virtual LAN (VLAN) VLAN definition and benefits * VLANs and broadcast domains * Routers role in VLANs * Types of VLANs * VLANs protocols:

Objectives: Chapter 8: Virtual LAN (VLAN) VLAN definition and benefits * VLANs and broadcast domains * Routers role in VLANs * Types of VLANs * VLANs protocols:

Documents