Chapter 10 Install and System Administration for FortiOS 5.0 : VLANs : Troubleshooting VLAN issues : Layer-2 and Arp traffic : Vlanforward solution
  
Vlanforward solution
If you are using NAT mode, the solution is to use the vlanforward CLI command for the interface in question. By default, this command is enabled and will forward VLAN traffic to all VLANs on this interface. When disabled, each VLAN on this physical interface can send traffic only to the same VLAN. There is no cross-talk between VLANs, and ARP packets are forced to take one path along the network which prevents the multiple paths problem.
In the following example, vlanforward is disabled on port1. All VLANs configured on port1 will be separate and will not forward any traffic to each other.
config system interface
edit port1
set vlanforward disable
end
See Also
ARP traffic
Multiple VDOMs solution
Troubleshooting VLAN issues