Ok, so I have a Fortigate 200D POE with 5.4.6 on it.
Can the experts explain to me what the software switch feature from Fortinet is? I read the documentation, http://docs-legacy.fortinet.com/fos50hlp/50/index.html#page/FortiOS%205.0%20Help/interfaces.100.05.html, and I don't get it.
I configured software switch for port1 and 2 on the Fortinet and I connected each of those ports to my Cisco core sw1 and core sw2. sw1 and sw2 are connected to each other and run HSRP. When I did that I got a loop. So I am not sure how to make this work, or maybe the software switch feature is not the solution. Thx
It currently works with the following config:
I have a 'hardware switch' with 3 VLANs assigned to it, along with network port 9-16.
These are effectively trunk ports, correct?
9 is attached to a physical switch that is set up with those 3 VLANs in it, and access ports are configured past that to allow for different workstations to be on different VLANs.
I then have ports 10-16 attached to 7 different POE Meraki APs so that each AP knows about each of the 3 VLANs, plus has power, and they assign SSIDs for each VLAN.
This all works. I am not a fan of how it is set up, but that's what I got.
I now am upgrading my network switches, and want to make use of the SFP ports on the FGT and my new switches for a better uplink.
I want to add a couple more VLANs to this HW switch (already assigned individually to other hw ports on the FGT), and also assign the DMZ2 port to this HW switch.. I spoke with a FortiGate rep and they said due to a hardware limitation, DMZ ports are not able to be part of that hardware switch.. but they can be part of a virtual switch, and I can then add the hw switch to that vswitch.. and then assign my VLAN configs to that vswitch..
I am going to try that configuration, but I know using vswitches creates unnecessary CPU overhead so I am trying to come up with a better solution.
It's really strange to me that I can't just make VLAN configs and assign them to multiple interfaces.. Once you assign a VLAN to HW switch 1, you can't also assign that same VLAN to SW Switch 1 or HW Port 3 or whatever, right???
My thoughts are to separate my wireless VLANs from my wired VLANs. VLAN20 wired would be 20, and Wireless would be like VLAN21 and so on. That way, I could assign all the wireless VLANs to a HW Switch using port 10-16 and then my wired VLANs all would go on DMZ2 to my physical switches.. does this make sense?
Minus getting POE injectors for my APs (or powering them another way) I don't see any other way to accomplish this.
Anyone have other suggestions?
Thanks!
edit: formatting
My experience with the 7 Fortigates that we have has been to stay away from using software switch if at all possible, due to performance issues. Using software switch prevents offloading to any built-in ASIC chips your Fortigate may have.
I've never tried adding a subinterface to the WAN port, but I'd assume it would work the same as the other ports on the Fortigate.
Can you show the cli config of the 2 sub-interfaces that you tried to create?
Maybe try using a port other than WAN2..
My sub-interfaces look something like this:
    config system interface
        edit 'intVLAN254'
            set vdom 'root'
            set ip 10.0.0.1 255.255.255.0
            set interface 'internal5'
            set vlanid 254
        next
    end

Fortigate Switch Mode
Hi!
I have a Fortigate 100E and it has many ports in hardware switch. I am using port 2 as my downlink to the switch and a couple of ports for DMZ and WAN.
So I have around 6 free ports. The Fortigate is running in active-passive mode.
The uplink from the switch is in VLAN 100 as the default gateway, with a point-to-point link between the HP and the firewall.
I want to use the rest of the ports. What is the best way to do it?
Should I use hardware switch?
Should I use Link aggregation?
Please give suggestions on this.
Thanks