Technical Note: Behaviour on the GUI of the Interface Role introduced in v5.4
Products
FortiGate v5.4
Description
This article describes the behavior of how the GUI option will change based on the configured interface role under the interface.

FortiOS 5.4 introduced new 4 interface roles.  Each interface can be defined as LAN, WAN, DMZ or with Undefined role option.  Based on this configuration non relevant parts of the configuration are removed from the GUI based on the selected role.
Solution
Role type

1.    Undefined role
  • All options in GUI are shown and configurable

2.    WAN role
  • Interface is used to connect to the internet
  • Interface is set to DHCP by default
  • The following features and options are hidden:
- Device Identification
- One-arm sniffer
- Dedicate to extension/fortiap modes
- DHCP server
- Security mode and Admission control

3.    LAN role
  • Interface is used to connect to local network with endpoints
  • The following features and options are hidden (in 5.4.0 only):
- Secondary IP address

4.    DMZ role
  • Interface is used to connect to servers
  • The following features and options are hidden:
- Secondary IP address (5.4.0 only)
- DHCP server
- Admission Controls

The following screenshot is an example of the GUI where the interface is set with undefined role where all options are configurable.

Last Modified Date: 02-27-2017 Document ID: FD38714