Configure FortiGate management IP address in the same subnet as another interface

Fortigate CLI

In a branch office with few users and just one IP subnet in use, I need to configure the FortiGate management interface in the same subnet as the LAN. By default, FortiGate doesn't permit such a configuration, and if you try it anyway, you get the error “Conflicts with LAN subnet”.

Management Interface = 10.10.10.5

LAN Interface = 10.10.10.254

To override this default behaviour, log in to the CLI and execute these 2 commands, then type end to save the change.

# config system settings
(settings) # set allow-subnet-overlap enable
(settings) # end

Now you can configure your Management interface.

Important Note: The Management interface Role should never be the same as your LAN Role; otherwise you will face weird routing and reachability issues.

In the Trusted Hosts setting, you can limit the IP addresses of hosts from which the FortiGate GUI/console can be accessed.
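
An added example, not part of the original post: a Python check that reads a FortiGate configuration backup and reports which interfaces share a subnet, whether an overlapping pair also shares a role, and which administrator accounts have no Trusted Hosts entry. The sample configuration, including the interface names (mgmt, lan) and the admin names, is constructed for illustration.

```python
import ipaddress
import re
from itertools import combinations

# Constructed backup excerpt; interface and admin names are assumptions.
SAMPLE = """\
config system settings
    set allow-subnet-overlap enable
end
config system interface
    edit "mgmt"
        set ip 10.10.10.5 255.255.255.0
        set role undefined
    next
    edit "lan"
        set ip 10.10.10.254 255.255.255.0
        set role lan
    next
end
config system admin
    edit "admin"
        set trusthost1 10.10.10.0 255.255.255.0
    next
    edit "helpdesk"
    next
end
"""

def entries(cfg, path):
    """(name, body) for each edit/next entry in the top-level 'config <path>' block."""
    m = re.search(rf"^config {re.escape(path)}$(.*?)^end$", cfg, re.S | re.M)
    return re.findall(r'^\s*edit "([^"]+)"$(.*?)^\s*next$', m.group(1) if m else "", re.S | re.M)

def audit(cfg):
    """List overlapping interfaces, shared roles and admins without trusted hosts."""
    findings, ifs = [], {}
    state = "enabled" if re.search(r"^\s*set allow-subnet-overlap enable$", cfg, re.M) else "not enabled"
    for name, body in entries(cfg, "system interface"):
        role = re.search(r"set role (\S+)", body)  # a missing role line is reported as "unset"
        if ip := re.search(r"set ip (\S+) (\S+)", body):
            ifs[name] = (ipaddress.ip_interface("/".join(ip.groups())), role[1] if role else "unset")
    for (a, (na, ra)), (b, (nb, rb)) in combinations(ifs.items(), 2):
        if na.network.overlaps(nb.network):
            findings.append(f"overlap: {a} {na} and {b} {nb} (allow-subnet-overlap {state})")
            if ra == rb:
                findings.append(f"same-role: {a} and {b} both use role {ra}")
    findings += [f"no-trusthost: admin {n} has no trusted hosts set"
                 for n, body in entries(cfg, "system admin") if not re.search(r"set trusthost\d+ ", body)]
    return findings
```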