Troubleshooting Tip: Allowed VLANs on the trunk port are deleted when adding new allowed VLANs on Switch Manager GUI

Description

This article describes a workaround and behavior where adding an allowed VLAN to a trunk port on FortiSwitch managed by FortiGate results in the removal of existing VLANs from the configuration. 

Scope

FortiOS 7.4.11.

Solution

This behavior will occur when there is more than 4 allowed VLANs on the trunk ports and modification is needed to add more. Attached screenshots shows the issue while adding the allowed VLANs under FortiSwitch trunk ports via GUI.

Go to WiFi & Switch Controller -> FortiSwitch Ports -> Trunk Ports and select the port that needs to be edited.

Follow the below workaround to add the VLANs on FortiSwitch Trunk ports:

1. Instead of using the GUI to edit the allowed VLANs, use the CLI.

config switch-controller managed-switch
     edit <Switch-ID>
         config ports
             edit <Trunk_Port_Name>
                 append allowed-vlans "VLAN400" "VLAN500"
             next
         end
     end

2. Now verify on the GUI page that VLAN's entries are showing correctly.

Note: The issue is tracked under ID 1275148 and scheduled to be fixed in FortiOS version 7.6.8 and 8.0.1.