System Network Configuring interfaces
FortiGate Version 4.0 MR1 Administration Guide
01-410-89802-20090903 185
http://docs.fortinet.com/ • Feedback
To configure a specific type of interface, refer to the appropriate section. To configure:
• an aggregate interface, see “Creating an 802.3ad aggregate interface” on page 186.
• a redundant interface, see “Creating a redundant interface” on page 187.
• a VLAN subinterface, see “Creating a VLAN subinterface” on page 185.
• a wireless interface, see “Adding a wireless interface” on page 219.
Creating a VLAN subinterface
A VLAN subinterface, sometimes called a VLAN or a VLAN interface, is a virtual interface
on a physical interface. The subinterface allows routing of VLAN tagged packets using that
physical interface, but it is separate from any other traffic on the physical interface.
To add a VLAN subinterface
1 Go to System > Network > Interface.
2 Select Create New and set Type to VLAN to add a VLAN subinterface.
3 Configure the VLAN subinterface settings.
The VLAN subinterface must have a Name, and parent physical Interface, and a VLAN
ID. See “Interface settings” on page 181.
4 Select OK.
To view the new VLAN subinterface, select the expand arrow next to the parent physical
interface (the internal interface). This will expand the display to show all VLAN
subinterfaces on this physical interface. If there is no expand arrow displayed, there are no
subinterfaces configured on that physical interface.
For each VLAN, the list displays the name of the VLAN, and, depending on column
settings, its IP address, the Administrative access you selected for it, the VLAN ID
number, and which VDOM it belongs to if VDOMs are enabled.
For more information, see the FortiGate VLANs and VDOMs Guide.
Creating a loopback interface
A loopback interface is an ‘always up’ virtual interface that is not connected to any other
interfaces. Loopback interfaces connect to a FortiGate unit’s interface IP address without
depending on a specific external port.
Loopback interfaces were added to assist with blackhole routing which drops packets sent
to a particular network address. For more information on blackhole routing, see “Blackhole
Route” on page 337.
A loopback interface is not connected to hardware, so it is not affected by hardware
problems. As long as the FortiGate unit is functioning, the loopback interface is active.
This ‘always up’ feature is useful in dynamic routing where the
FortiGate unit relies on
remote routers and the local Firewall policies to access to the loopback interface.
To add a loopback interface - web-based manager
1 Go to System > Network > Interface.
2 Select Create New and set Type to Loopback Interface to add a loopback interface.
Note: In Transparent mode, if you change the MTU of an interface, you must change the
MTU of all interfaces to match the new MTU.
To Next Page
Loading...
Need help?
General