Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
crlic
New Contributor

Created on ‎05-08-2024 01:21 AM

L2 Traffic Forwarding

Hello,

 

We have the following setup:

 

Screenshot 2024-05-08 111556.png

 

Today, there is no firewall separating the switches. Our main goal is to make sure that PC1 is able to connect PC2 using LAYER2 TRAFFIC (no DG) ONLY. 

 

Is it possible to achieve this goal based on the following facts:

1. There's a trunk interface between the switches and the firewall.

2. The VLANs under the trunk are L3.

3. I can't add any more physical ports.

 

Can I configure VLAN 100 as layer 2 so that broadcast traffic will be forwarded?

 

Labels:
161
0 Kudos
2 REPLIES 2
ozkanaltas
Contributor III

Created on ‎05-08-2024 01:26 AM Edited on ‎05-08-2024 01:27 AM

Hello @crlic ,

 

You can achieve this request in two ways. 

 

First, you can connect switches back to back. Second, you can use FortiGate interfaces as a software switch. 

 

You can find more information about software switch in that link. 

 

https://docs.fortinet.com/document/fortigate/7.4.3/administration-guide/277799/software-switch

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configuring-software-switch/ta-p/197786

 

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
155
0 Kudos
AEK
SuperUser
SuperUser

Created on ‎05-08-2024 10:25 AM Edited on ‎05-08-2024 10:28 AM

Hi

In addition to Atlas' suggestion, as alternative you should be able to achieve this using use virtual wire pair.

https://docs.fortinet.com/document/fortigate/7.4.3/administration-guide/166804/virtual-wire-pair

 

Or transparent VDOM.

https://docs.fortinet.com/document/fortigate/6.2.16/cookbook/986787/nat-and-transparent-mode

 

So you have choice depending on your design and requirements.

AEK
AEK
106
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.