Setting Fortinet 60D interface ports for multi-VLAN

I have a Fortinet 60D on a multi-VLAN network environment.
I want to each interface port  of the firewall to be possible for assign  untagged VLANS.

Is it possible to make the bellow settings, where the port 1 is for all VLANs trunk and management interface, and the others ports I can choose what vlan to assign?


PORT 2 (vlan 10)-----DESKTOPS
|
|            PORT 3 (vlan 20) ------SECURITY CAMERA
|            |
|            |            PORT 4 (vlan 20)------SECURITY CAMERA
|            |            |
|            |            |       PORT 5 (vlan 50) ------WIFI    
|            |            |              
:::::::::::::::::::::::::::::::::::::::::::::::::::::
:::::::::: FORTINET FIREWALL  ::::
:::::::::::::::::::::::::::::::::::::::::::::::::::::
|
PORT 1 of Fortinet (TRUNK PORT + management interface)
|
|
|      <<<    TRUNK CHANNEL (with all vlans passing throught 10,20,50)
|
|
SWITCH (L3, ROUTING ENABLED)
|
|
...rest of the network...
edu87Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

myramuCommented:
Hi,

Yes, It is possible to use a single fortigate port to connect the trunk port and define vlans.
Refer following fortinet KBs for more information,
http://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD30883
http://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD31639

good luck!
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Joey YungSenior Network EngineerCommented:
Why will you need a trunk interface with all vlan but also have another separate interface for these specific vlan? I'm not sure it is work or not, but seems a strange design...
0
edu87Author Commented:
Ok myramu I will try creating VDOMs.

Just on simple question before try this VDOMs way: I am trying to make my vlans to pass through the Fortigate and go out to Internet, but is not working. I tryed to use this tutorial lab from Fortinet but didnt worked for me:

http://docs-legacy.fortinet.com/fos50hlp/50/index.html#page/FortiOS%205.0%20Help/VLANs.103.17.html

I created two default routes, one  for VLAN_10 and another for VLAN_20 and didn´t work. Tryed to remove the VLAN_20 default and stay with just the VLAN_10 but not worked too.

default-route.PNGroute.PNGinterfaces.PNGpolicy.PNG
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Hardware Firewalls

From novice to tech pro — start learning today.