cancel
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 

Problem with VLAN routing

Problem with VLAN routing

Peter_Kulmbrein
New Contributor II
Hi all,

I try to set up a x450-G2-24t with XOS 16.1.1.4 as a router for clients that want to access a specific host at 10.12.0.241 in a /24 net. Clients are in a 172.30.x.x/16 net.

I configured the vlans (vlan tag 100 and vlan tag 10) and enabled ipforwarding globally and for the vlans. what is working so far is pinging the switch ip in the 10.12.0.x lan from the 172.30.x.x switch ip. what also works is pinging the 10.12.0.241 host ip from the 10.12.x.x switch ip.

But when trying to ping the host ip from the 172.30.x.x switch ip i get no answer.

so what did i miss? do i have to add some specific routing?

thankful for any tips!

Peter
14 REPLIES 14

Peter_Kulmbrein
New Contributor II
Hi,

Sorry to get back a bit later but finally i got the infos you asked for:

they only have one untagged physical interface running on the forti - i asked to setup vlan interfaces now

the /16 net was already setup so I have to take it as it is šŸ˜‰
the fortigate acts as a gateway

now im waiting for feedback if enabling the vlan interfaces on the forti did help!

thx so far!
Peter

Drew_C
Valued Contributor III
Hi Peter, any luck getting this resolved?

Jarek
New Contributor II
Do you have 2 vlans on fortigate 100 and 10?
And one another question, do you really need a mask /16 ?
This is a lot of hosts in one vlan.

And last, the fortigate act as a gateway or as a switch ?
--
Jarek

Peter_Kulmbrein
New Contributor II
you are right - what i forgot to mention is that I setup a route at the Fortigate C60 Office for 10.12.0.0/24 - GW:10.12.0.244.

but it seems as my x450 doesnt forward anything - when i try to reach HostA vom the x440 (tested with ping 10.12.0.241 from 172.30.1.239) i get no answer; if i try to reach 10.12.0.244 from 172.30.1.239 that works...

same thing when i try to reach 172.30.1.1 from HostA no answer with ping, if i try to ping it from the x450 ok

i will have a close look on the clientside once again

Peter
GTM-P2G8KFN