sebastiang
New Contributor

Problem with transparent mode configuration

Hello,

 

I have a problem with transparent mode. Here is my actual topology:

 

On the router I have a subinterface configured like this:

interface FastEthernet0/0.4
 encapsulation dot1Q 4
 ip address 4.4.4.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly

 

First I configured VLANs 2, 3 and 4 on the FortiGate on the physical ports "Lan1" and "Wan1":

edit "vlan2_intern"
    set vdom root
    set forward-domain 2
    set interface "lan1"
    set vlanid 2
next
edit "vlan2_extern"
    set vdom root
    set forward-domain 2
    set interface "wan1"
    set vlanid 2
next

VLAN 3 has forward domain 3, etc.

 

Where is the problem?

 

When I ping from 2.2.2.2 its gateway 2.2.2.1, it works; the other gateway, 3.3.3.1, works; the server 3.3.3.2 works. But when I want to open 3.3.3.2 in a browser from another network (2.2.2.2), it doesn't work. When I ping 3.3.3.2 and 3.3.3.1 from the FortiGate, I get (DUP!)… When I run the sniffer, the FGT shows me that my packet is answered from vlan2 and the physical port lan/wan… On the physical port I have set the option "vlanforward" to disable.

 

So I decided to change the FGT configuration: I deleted all the VLANs and set vlanforward to enable on the physical interface. Everything works fine, but the traffic is not checked by the policy "lan-wan" (it shows 0 B), so my UTM functions don't work…

 

Device FGT50E

Firmware 5.4.5

 

Do you have any idea?

1 REPLY
sebastiang
New Contributor

Can anyone help me?
