Add VLAN subinterfaces
The VLAN ID of each VLAN subinterface must match the VLAN ID added by the IEEE 802.1Q-compliant router or switch. The VLAN ID can be any number between 1 and 4094, with 0 being used only for high priority frames and 4095 being reserved. You add VLAN subinterfaces to the physical interface that receives VLAN-tagged packets.
For this example, we are creating a VLAN called internal_v225 on the internal interface, with a VLAN ID of 225. Administrative access is enabled for HTTPS and SSH. VDOMs are not enabled.
To add VLAN subinterfaces in transparent mode - web-based manager
1. Go to System > Network > Interface.
2. Select Create New.
3. Enter the following information and select OK.
Name | internal_v225 |
Type | VLAN |
Interface | internal |
VLAN ID | 225 |
Administrative Access | Enable HTTPS, and SSH. These are very secure access methods. |
Comments | VLAN 225 on internal interface |
The FortiGate unit adds the new subinterface to the interface that you selected.
Repeat steps 2 and 3 to add additional VLANs. You will need to change the VLAN ID, Name, and possibly Interface when adding additional VLANs.
To add VLAN subinterfaces in transparent mode - CLI
config system interface
edit internal_v225
set interface internal
set vlanid 225
set allowaccess HTTPS SSH
set description “VLAN 225 on internal interface”
set vdom root
end
See Also