
SERVER IN THE WRONG VLAN

rim.elalami
Level 1

Hello all,

I'm a new recruit at a company and I have to work on deleting the native VLAN1 from the network.

Normally the gateways of all machines should be on a firewall (FortiGate); if that's not the case, it should be normalized.

I'm confused because I find the machines that are supposed to be in VLAN 1 on a different VLAN.

Here's an example:

A capture from the FortiGate:

192.168.12.104 0 00:50:56:91:35:23 port5

The IP and MAC address of the machine: it's connected to port 5, which is also connected to a switch where the INTERFACE VLAN 1 is declared (network 192.168.12.96/27). Until here we're good.

But when I look in the switch where the server is plugged, here's what I find:

50 00:50:56:91:35:23 dynamic ethernet1/1/5

Basically the machine is in a different VLAN (VLAN 50)

On the FortiGate, I find that the VLAN50 is in a different subnet (192.168.12.32/27)

I looked in all the switches, and no INTERFACE VLAN 50 is declared; basically the only gateway is in the firewall.

Does any of you have any idea of what this could be?

Thanks

 


Hello
interface vlan 1 192.168.12.32/27 < host >
interface vlan 50 =192.168.12.96/27 <FortiGate and server >

The L3 for vlan 50 resides on the FortiGate; however, its physical port connection into a switch doesn't have to be vlan 50, it can be any vlan number. Now, for any other device on that same switch that has an IP address within the same subnet as the FW, in this case the server, it too needs to be on a port assigned the same vlan as the FW to be able to speak to it.

 

As for that host connected to a different switch on a port in vlan 1, if it needs to route to the FW it should work accordingly as long as there is correct routing in place between the L3 interfaces of vlan 1 and vlan 50.


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
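
The cross-check described in the question (firewall ARP entry against switch MAC-table entry) can be scripted to list every host to review before VLAN 1 is removed. This is an added example, not code from either poster; the column order is assumed from the two lines quoted in the question, the VLAN-to-subnet plan is the one the question states, and all function names are hypothetical.

```python
import ipaddress
import re

# Expected VLAN -> subnet plan, as stated in the question (assumption: it is complete).
VLAN_SUBNETS = {
    1: ipaddress.ip_network("192.168.12.96/27"),
    50: ipaddress.ip_network("192.168.12.32/27"),
}

# The two lines quoted in the question (FortiGate ARP entry, switch MAC-table entry).
ARP_LINES = ["192.168.12.104 0 00:50:56:91:35:23 port5"]
MAC_LINES = ["50 00:50:56:91:35:23 dynamic ethernet1/1/5"]

MAC_RE = re.compile(r"(?:[0-9a-f]{2}:){5}[0-9a-f]{2}", re.I)

def parse_arp(lines):
    """Return {mac: (ip, firewall_port)}; assumed columns: ip, age, mac, port."""
    table = {}
    for line in lines:
        f = line.split()
        if len(f) == 4 and MAC_RE.fullmatch(f[2]):
            table[f[2].lower()] = (ipaddress.ip_address(f[0]), f[3])
    return table

def parse_mac_table(lines):
    """Return {mac: (vlan, switch_port)}; assumed columns: vlan, mac, type, port."""
    table = {}
    for line in lines:
        f = line.split()
        if len(f) == 4 and f[0].isdigit() and MAC_RE.fullmatch(f[1]):
            table[f[1].lower()] = (int(f[0]), f[3])
    return table

def find_mismatches(arp, macs, plan):
    """List hosts whose learned VLAN differs from the VLAN that owns their IP subnet."""
    findings = []
    for mac, (ip, _fw_port) in sorted(arp.items()):
        if mac not in macs:
            continue  # MAC not learned on this switch; nothing to compare
        vlan, sw_port = macs[mac]
        # expected is None when the IP falls outside every planned subnet
        expected = next((v for v, net in plan.items() if ip in net), None)
        if expected != vlan:
            findings.append((str(ip), mac, sw_port, vlan, expected))
    return findings

if __name__ == "__main__":
    hits = find_mismatches(parse_arp(ARP_LINES), parse_mac_table(MAC_LINES), VLAN_SUBNETS)
    for hit in hits:
        print("ip=%s mac=%s port=%s learned_vlan=%s expected_vlan=%s" % hit)
```

Fed the full ARP and MAC-table exports instead of the two sample lines, it produces the list of ports whose VLAN assignment and addressing disagree.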