Chapter 19 Virtual Domains : Virtual Domains in NAT/Route mode : Virtual domains in NAT/Route mode : Configuring interfaces in a NAT/Route VDOM : Adding a VLAN to a NAT/Route VDOM
  
Adding a VLAN to a NAT/Route VDOM
The following example shows one way that multiple companies can maintain their security when they are using one FortiGate unit with VLANs that share interfaces on the unit.
This procedure will add a VLAN interface called client1-v100 with a VLAN ID of 100 to an existing VDOM called client1 using the physical interface called port2.
 
The physical interface does not need to belong to the VDOM that the VLAN belongs to.
To add a VLAN subinterface to a VDOM - web-based manager
1. Go to Global > Network > Interfaces.
2. Select Create New.
3. Enter the following information and select OK:
Name
client1-v100
Interface
port2
VLAN ID
100
Virtual Domain
Client1
Addressing mode
Manual
IP/Netmask
172.20.120.110/255.255.255.0
Administrative Access
HTTPS, SSH
You will see an expand arrow added to the port2 interface. When the arrow is expanded, the interface shows the client1-v100 VLAN subinterface.
To add a VLAN subinterface to a VDOM - CLI
config global
config system interface
edit client1-v100
set type vlan
set vlanid 100
set vdom Client1
set interface port2
set ip 172.20.120.110 255.255.255.0
set allowaccess https ssh
end