[Fortigate-#11]- VLAN on Port

안녕하세요. 

 

이번에는 VLAN를 Port에 할당해서 설정하는 방법에 대해서 알아보겠습니다.

 

 

방화벽 설정

 

1. Create New버튼을 클릭 합니다. 

 

2.  VL10 interface를 설정합니다. 

Name: VL10

Alias: VL10

Type: VLAN

Interface: Port6

VLAN ID: 10

Role: LAN

IP: 10.10.10.254/24

 

2.  VL20 interface를 설정합니다. 

Name: VL20

Alias: VL20

Type: VLAN

Interface: Port6

VLAN ID: 20

Role: LAN

IP: 20.20.20.254/24

 

아래처럼 Port6에 VLAN interface들이 생성 되었습니다. 

 

Switch에서 설정합니다.

1. Vlan 설정

Switch(config)#vlan 10 Switch(config-vlan)#vlan 20 Switch(config-vlan)#end

 

2 Trunk 설정 Gi1/0/1

interface GigabitEthernet1/0/1  switchport mode trunk end

 

3. SVI 설정

Switch(config)#int vlan 10 Switch(config-if)#ip address 10.10.10.253 255.255.255.0 Switch(config-if)#int vlan 20 Switch(config-if)#ip add 20.20.20.253 255.255.255.0 Switch(config-if)#end

 

케이블을 연결 합니다.

Fortigate port6 <---> port g1/0/1 SW

 

4. Switch에서 상태 확인. VLAN and interface

Switch#show vlan brie VLAN Name                             Status    Ports ---- -------------------------------- --------- ------------------------------- 1    default                          active    Gi1/0/2, Gi1/0/3, Gi1/0/4                                                 Gi1/0/5, Gi1/0/6, Gi1/0/7                                                 Gi1/0/8, Gi1/0/9, Gi1/0/10                                                 Gi1/0/11, Gi1/0/12, Gi1/0/13                                                 Gi1/0/14, Gi1/0/15, Gi1/0/16                                                 Gi1/0/17, Gi1/0/18, Gi1/0/19                                                 Gi1/0/20, Gi1/0/21, Gi1/0/22                                                 Gi1/0/23, Gi1/0/24, Te1/1/1                                                 Te1/1/2, Te1/1/3, Te1/1/4 4    VLAN0004                         active 10   VLAN0010                         active 20   VLAN0020                         active 70   VLAN0070                         active 71   VLAN0071                         active 72   VLAN0072                         active 73   VLAN0073                         active 1002 fddi-default                     act/unsup 1003 token-ring-default               act/unsup 1004 fddinet-default                  act/unsup 1005 trnet-default                    act/unsup Switch#show ip int brie Interface              IP-Address      OK? Method Status                Protocol Vlan1                  unassigned      YES NVRAM  up                    up Vlan10                 10.10.10.253    YES manual up                    up Vlan20                 20.20.20.253    YES manual up                    up

 

5. Ping테스트

Switch#ping 10.10.10.254 source vlan 10 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.10.10.254, timeout is 2 seconds: Packet sent with a source address of 10.10.10.253 .!!!! Success rate is 80 percent (4/5), round-trip min/avg/max = 1/1/1 ms Switch#ping 20.20.20.254 source vlan 20 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 20.20.20.254, timeout is 2 seconds: Packet sent with a source address of 20.20.20.253 .!!!! Success rate is 80 percent (4/5), round-trip min/avg/max = 1/1/1 ms

 

지금까지 방화벽 Port6에 VLAN interface를 생성해서 동작하는 방법에 대해서 알아보았습니다. 

 

지금까지 글을 읽어주셔서 감사합니다.