Vlan Overview - Fortinet FortiGate FortiGate-800 Installation And Configuration Manual

Network configuration

VLAN overview

FortiGate-800 Installation and Configuration Guide
• Enable secure administrative access to this interface using only HTTPS or SSH,
• Do not change the system idle timeout from the default value of 5 minutes (see
set the system idle timeout" on page
To configure the management interface in Transparent mode
1 Go to System > Network > Management.
2 Change the Management IP and Netmask as required.
This must be a valid address for the network that you want to manage the FortiGate
unit from.
3 Add a default gateway IP address if the FortiGate unit must connect to a default
gateway to reach the management computer.
4 Select the administrative access methods for each interface.
HTTPS To allow secure HTTPS connections to the web-based manager through this
interface.
PING If you want this interface to respond to pings. Use this setting to verify your
installation and for testing.
HTTP To allow HTTP connections to the web-based manager through this interface.
HTTP connections are not secure and can be intercepted by a third party.
SSH To allow SSH connections to the CLI through this interface.
SNMP To allow a remote SNMP manager to request SNMP information by connecting to
this interface. See
TELNET To allow Telnet connections to the CLI through this interface. Telnet connections
are not secure and can be intercepted by a third party.
5 Select Log for each interface that you want to record log messages whenever a
firewall policy accepts a connection to this interface.
6 Select Apply to save the changes.
FortiGate units support IEEE 802.1Q Virtual LAN (VLAN) technology. A VLAN is group
of PCs, servers, and other network devices that communicate as if they were on the
same LAN segment, even though they may not be. For example, the workstations and
servers for an accounting department could be scattered throughout an office,
connected to numerous network segments, but they can still belong to the same
VLAN.
A VLAN segregates devices logically instead of physically. Each VLAN is treated as a
broadcast domain. Devices in VLAN 1 can connect with other devices in VLAN 1, but
cannot connect with devices in other VLANs. The communication among devices on a
VLAN is independent of the physical network.
A VLAN segregates devices by adding 802.1Q VLAN tags to all of the packets sent
and received by the devices in the VLAN. VLAN tags are 4-byte frame extensions that
contain a VLAN identifier as well as other information.
170).
"Configuring SNMP" on page
VLAN overview
173.
"To
145