Skip to main content
btp
btp
New Member
October 6, 2017
Question

Change of VLAN ID

  • October 6, 2017
  • 3 replies
  • 29239 views

All,

I find it quite unbelievable that you can't change the VLAN ID of an interface once it has been created. This must be the only network equipment we own that does not allow this. And we have a lot.

 

So - this I do want.

 

/BT

3 replies

neonbit
neonbit
New Member
October 7, 2017

Backup the config, edit the interfaces VLAN ID and restore the config. It will require a reboot of the firewall.

btp
btpAuthor
New Member
October 7, 2017

Yes - I know how to change the VLAN ID. But that it either requires to rewrite the config with policies, routes etc, or a reboot - it seems so last century..

Carl_Wallmark
Carl_Wallmark
New Member
October 8, 2017

I couldn´t agree more! 

 

I have talked to guys on events and asked why this is impossible, but they cannot come up with a good answer.

Probably the only vendor that doesn´t allow this except for recreating everything or change the config file and do a reboot.

 

I wonder how this is working in a big datacenter where they change vlan IDs all the time, "sorry but we need to reboot the firewall 10 times a day because we need to change vland id......"

MikePruett
MikePruett
New Member
October 13, 2017

There are a few interface settings and behaviors that do this

Carl_Wallmark
Carl_Wallmark
New Member
October 13, 2017
An Enterprise firewall in my world is a device that does not need a reboot for any configuration change, uptime should be 100% - thats an enterprise firewall.
schwit
schwit
New Member
February 14, 2022

It boggles the mind that Fortinet still hasn't fixed this.

    JianWu
    Staff
    JianWu
    Staff
    August 4, 2022

    This feature is added in 7.0+

    https://docs.fortinet.com/document/fortigate/7.0.0/new-features/885870/interface-migration-wizard

     

    Before it is available, it does require some effort.

    One way to do is to create a new VLAN interface, and replace all the references the old one is associated (such as firewall policy).

    In the GUI/Network interfaces, on the far right, you should see a # associated with the old VLAN interface object.. click it and you will see where it is used/referenced.

     

    Hope this helps.

    Jian Wu

      Terms & ConditionsAccessibility statement