Help
FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
FortiKoala
Staff
Staff

Created on ‎09-27-2018 07:24 AM

Article Id 193634

Technical Note: Set static routes using in Configuration Wizard

Description
The Additional Routes section is used for adding static routes for communication to the isolation VLANS.  These static routes help prevent asymmetric routing.   

Eth0 (Management Port) is configured as the port with the default gateway.  Eth1 is used for the isolation VLAN communication. 

Any traffic that enters eth1 will exit eth0 unless a static route for that network is added.  The static route forces the response to any traffic from the specified network to be transmitted out eth1.  

Example:
Application Server's Registration eth1 IP: 192.168.20.2
Eth1 gateway: 192.168.20.1.
Registration VLAN DHCP Lease Pool: 192.168.110.100-192.168.110.200 (mask 255.255.255.0)

Configuration Wizard Additional Route entry for Registration network would be the following:
Network: 192.168.110.0 (remote network)
Mask: 255.255.255.0  (remote network mask)
Gateway: 192.168.20.1 (eth1 default gateway)

This forces all traffic from the 192.168.110.0 network (which is expected to be received on eth1) to be transmitted out eth1.
Solution
Refer to related documents below for configuration instructions.
Labels:
1298
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.