WAN Type: Routing Mode Example 2
This example shows the scenario where a private subnet between the WAN router and FortiWAN. In addition, the public IP subnet inside the FortiWAN DMZ port requires a router.
Sample Configuration:
l Assume the private IP subnet (192.168.0.0/24) is between the WAN link router and FortiWAN WAN port. l FortiWAN’s port 1 IP (192.168.0.253) is connected to the WAN link router (192.168.0.254). l FortiWAN’s Port 3 is DMZ with a public IP subnet (211.20.103.254/24). l The LAN part behind FortiWAN has another public IP subnet (211.20.104.0/24 behind a router (211.20.103.253).
Configuration Steps:
- In the UI: [System] → [Network Settings] → [WAN Settings] sub-function.
- Select “1” on the WAN Link menu and select [Enable].
- In the WAN Type scroll menu, select [Routing Mode].
- In the WAN Port field, enter [Port 1].
- Enter the corresponding up and down stream bandwidths.
- In the IPv4 Gateway field, enter [192.168.0.254].
- In the IPv4 Basic Subnet function, use [+] to create new rules, and select [subnet in DMZ] in the Subnet Type field.
- In the IP(s) on Localhost field, enter [211.20.103.254].
- In the Netmask field, enter [255.255.255.0].
- In the DMZ Port field, enter [Port 3].
- In the IPv4 Static Routing Subnet field, use [+] to add new rules with Subnet Type as [Subnet in DMZ]. In this example, there is a router in the DMZ port for the public IP subnet and the subnet does not connect to the FortiWAN directly. Therefore the subnet info should be filled in the “Static Routing Subnet” field.
- In the Network IP field, enter [211.20.104.0].
- In the Netmask field, enter [255.255.255.0].
- In the Gateway field, enter [211.20.103.253].
- Go to [WAN/DMZ Private Subnet] sub-function page and select [+] in the IPv4 Basic Subnet and add the following rules:
- Set the Subnet Type as “Subnet in WAN”.
- In the IP(s) on Localhost field, enter [192.168.0.253].
- In the Netmask field, enter [255.255.255.0].
- In the WAN Port field, select [Port 1], and the configuration is complete.