Secondary IP configuration on Fortigate Firewall  

Helps in configuring secondary network scope for accommodating the new networking needs without disturbing the existing configuration.

Simple Network Topology:


 FG Interface Configuration:

+++++++++++++++++++++++++++

config system interface
    edit "port1"
        set vdom "root"
        set ip 192.168.0.108 255.255.255.0
        set allowaccess ping https ssh http
        set type physical
        set snmp-index 1
    next
    edit "port2"
        set vdom "root"
        set ip 14.140.40.108 255.255.255.0
        set allowaccess ping https ssh snmp
        set type physical
        set explicit-web-proxy enable
        set snmp-index 2
        set secondary-IP enable
        config secondaryip
            edit 1
                set ip 1.1.1.1 255.255.255.0
                set allowaccess ping
            next
            edit 2
                set ip 3.3.3.1 255.255.255.0
                set allowaccess ping
            next
        end
    next

+++++++++++++++++++++++++++

 

Comments

Popular posts from this blog

Configure IPsec site-to-site VPN in Linux Machine

TACACS+ Installation on Linux [CentOS]

Free Radius setup/configuration in Linux [Ubuntu/CentOS]