ErikW
New Member
November 3, 2020
Question

FortiGate + FortiSwitch - Ports don't integrate. Am I missing something?

  • November 3, 2020
  • 2 replies
  • 8260 views

I've been using FortiGate for years, finally got a FortiSwitch to add to my system, and it doesn't do what I thought it did. Maybe I am missing something, so I thought I'd post here to see. (Support was no help.)

When you add a Fortiswitch to a Fortigate, it does not give you more ports to work with, it gives you a DIFFERENT set of ports to work with.

 

In my setup, I have a bunch of VLANS - I then have a few physical ports on the firewall that are VLAN trunk ports (all the VLANs are beneath it).  I currently run those ports to some HP switches where I can then trunk to a server or send a specific vlan.

 

I assumed adding a FortiSwitch would allow me to do the same, but I can't. The FortiSwitch REQUIRES me to make a new set of VLANs - they can use the same TAGS, but will not talk to the FortiGate VLANs. The new switch VLANs can ONLY be used in rules, and not in anything like a software switch. So no linking to existing networks, requires all new IP ranges. Can't link an SSID.

I'm almost thinking I need to run 2 cables from the FG to the FS - 1 for control, and one as a VLAN trunk and just use the common GUI for ease of management, but treat them as 2 separate systems.

 

Does anyone have any better ideas?

 

2 replies

boneyard
Valued Contributor
November 7, 2020

they integrate well enough if you start using them from the start (or migrate everything once you add them) and primarily use the FortiSwitch for your ports, no longer your FortiGate.

that is how it is, no better news for you.

 

i do understand what you were hoping for and it would have been awesome but that requires a whole different level of engineering and possible issues.

ac1
Explorer III
August 2, 2021

You must use the FortiLink port and a Software Switch to propagate the VLANs on other ports of the FortiGate.

khalavak
New Member
December 5, 2021

Hello @ac1 

Can you please elaborate on how to use the FortiLink port for VLANS and then propagate them on other ports on FortiGate using Software switch?

 

ac1
Explorer III
December 5, 2021

Hi Khalavak,

Follow these steps:

1- create a software switch for each VLAN

2- assign the IP on the software switch

3- create the VLAN on FortiLink, do not assign an IP or other settings

4- add the VLAN to the software switch

The FortiLink propagates the VLANs to each FortiSwitch.
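
The four steps above written out as FortiOS CLI for a single VLAN, as an added example that is not part of the original thread or Fortinet's own documentation. The FortiLink interface name `fortilink`, the VDOM `root`, the trunk port `port5`, VLAN ID 20, the address 192.168.20.1/24 and the interface names `sw-vlan20`, `fl-vlan20` and `p5-vlan20` are all assumptions chosen for illustration.

```fortios
# Step 1: create a software switch for the VLAN (no members yet).
config system switch-interface
    edit "sw-vlan20"
        set vdom "root"
    next
end

# Step 2: the gateway IP lives on the software switch, not on its members.
config system interface
    edit "sw-vlan20"
        set ip 192.168.20.1 255.255.255.0
        set allowaccess ping
    next
end

# Step 3: create the VLAN on the FortiLink interface.
# No IP, DHCP server or other settings here: an interface that carries
# its own address or is referenced elsewhere cannot join a software switch.
config system interface
    edit "fl-vlan20"
        set vdom "root"
        set interface "fortilink"
        set vlanid 20
    next
    # Assumed extra member: the same VLAN ID on a FortiGate trunk port,
    # so devices behind that port share the segment. Also left without an IP.
    edit "p5-vlan20"
        set vdom "root"
        set interface "port5"
        set vlanid 20
    next
end

# Step 4: add the VLAN interfaces to the software switch.
config system switch-interface
    edit "sw-vlan20"
        set member "fl-vlan20" "p5-vlan20"
    next
end
```

Members of a software switch are bridged at layer 2, and with the default `intra-switch-policy implicit` setting traffic between them is not matched against firewall policies. Policies that reference `sw-vlan20` only control traffic routed between that segment and other interfaces.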