Skip to main content
spathak
Staff
spathak
Staff
September 2, 2019

Technical Tip: How to add or remove physical interface from Hardware/Software switch

  • September 2, 2019
  • 0 replies
  • 103465 views

Description

 

This article describes how to add or remove a physical interface from a Hardware/Software switch. 

 

Scope

 

FortiGate.

Solution

 

To add the Physical interface to the hardware switch, follow these steps:

Note
All references to the physical interface must be removed, and the IP address of the physical interface must be set to 0.0.0.0/0.0.0.0 to add it to a hardware/software switch.
At least one interface should be a member of a switch, or it will be necessary to delete the switch configuration completely.

Via the GUI:

 

  1. Go to Interface -> Hardware Switch.
  2. Under Interface Members, select 'add'.

Select the respective physical interface from the 'Select Entries list'.

 

Stephen_G_0-1722959329129.png

 
 

To remove the interface, deselect the interface from the Interface Members list by selecting the 'x' mark from Interface Members.

Via the CLI:

To add a Physical interface to a hardware switch:


 config system virtual-switch
    edit lan
        config port
            edit <interface name>                               <- Physical interface name.

        end

end


 To remove the interface from the hardware switch:


config system virtual-switch
    edit lan
        config port
            delete <interface name>                             <- Physical interface name.

        end

end

 

For v7.2.8 FortiOS and above:

It is required to set a physical switch for the hardware switch interface to get the option to configure the 'config port'.

Before configuring the physical switch:

 

FG4H1F-5 # config system virtual-switch

FG4H1F-5 (virtual-switch) # edit lan
new entry 'lan' added

FG4H1F-5 (lan) # config port

command parse error before 'port'
Command fail. Return code 1

 

After configuring the physical switch:

 

FG4H1F-5 # config system virtual-switch

FG4H1F-5 (virtual-switch) # edit internal
new entry 'internal' added
FG4H1F-5 (internal) # set physical-switch sw0
FG4H1F-5 (internal) # config port

 

To add the Physical interface to the software switch, follow these steps:

Via the GUI:

  1. Go to: Interface -> Software Switch -> Edit.
    Interface Name: Internal.
    Type: Software Switch.

  2. On Interface Members, select 'add'. Select the respective physical interface from the 'Select Entries list'.

 

Stephen_G_1-1722959535826.png


To remove the interface, deselect the interface from the Interface Members list.

Via the CLI:

To add a Physical interface to the software switch:


 config system switch-interface
    edit internal
        set member <list of interface>
end

 

When adding an interface to a software switch configuration, make sure all other interfaces are added to the member list.
   
For example:


 config system switch-interface
    edit internal
        set member lan1 lan2                           <- Currently, lan1 and lan2 are members of an internal software switch.
    next


To add lan4, re-add all of the interfaces to the member list.


 config system switch-interface
    edit internal
        set member lan1 lan2 lan4
    next
end

 

To remove the interface from the software switch:

 

config system switch-interface
    edit internal
        unselect member  lan4                          <- Physical interface name.
    next
end

 

Note:

The hardware switch is only available on physical FortiGates. 

The Hardware switch option is not visible in the FortiGate interface when 'VLAN Switch' is displayed instead. To resolve this issue, disable 'VLAN switch mode' under System -> Settings -> System Operating Settings. For additional details, refer to the related article. 

 

Related article:

Technical Tip: FortiGate does not support 'Hardware Switch' type 

Terms & ConditionsAccessibility statement