Skip to main content
Dan_Eng52
Dan_Eng52
Explorer III
November 13, 2025
Question

FortiSwitch Port Flapping

  • November 13, 2025
  • 7 replies
  • 2954 views

Hi all,

 

I hope you're well. 

 

I'm currently investigating some connectivity issues users are reporting on AVD displaying 'Paused Connection'. At this site, we're running FortiSwitch 448E-FPOE's and in the system events I am seeing many 'port has come up' and 'port has come down' logs.

 

Screenshot 2025-11-13 144026.jpg

 

I've reviewed the spanning-tree instance and confirmed that it is stable, root bridge is correct, no recent TCN's and no high usage of system resources (CPU/Memory) noted. There are no FCS errors or any other stats on the physical ports that would suggest faulty cables. 

 

All ports connect to Cisco IP phones and from the logs it looks like the physical port flaps first which then triggered STP port status changes. I'm going to test bypassing the phone and connecting the PC directly to our FortiSwitch to rule out the phone causing the issue but wanted to know if there are any other troubleshooting steps I can take to identify the route cause. 

 

Many thanks, 
Dan. 

7 replies

Anthony_E
Staff
Anthony_E
Staff
November 17, 2025

Hello Dan,


Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.


Thanks,

Best Regards
Jean-Philippe_P
Staff & Editor
Jean-Philippe_P
Staff & Editor
November 18, 2025

Hello,

 

We are still looking for an answer to your question.

 

We will come back to you ASAP.

Jean-Philippe - Fortinet Community Team
Jean-Philippe_P
Staff & Editor
Jean-Philippe_P
Staff & Editor
November 19, 2025

Hello Dan,

 

I found this solution. Can you tell us if it helps, please?

 

To further troubleshoot the connectivity issues and port flapping on your FortiSwitch, consider the following steps:

  1. Verify Cable and Transceiver Health: Use the command diagnose switch physical-ports cable-diag <port-name> on the FortiSwitch to check for any cable issues such as open circuits or shorts.

  2. Check for MAC Address Flapping: Use the command diagnose switch mac-addr list to check for frequent MAC address moves, which could indicate Layer 2 loops or issues with the connected devices.

  3. Review Event Logs: Use execute log display on the FortiSwitch to review detailed event logs for any patterns or anomalies that might indicate the cause of the port flaps.

  4. Analyze Port Statistics: Use diag switch physical-ports port-stats list <port number> to monitor for any incrementing errors or CRC errors on the ports.

  5. Test with Different Devices: As you mentioned, bypass the IP phones and connect PCs directly to the FortiSwitch to see if the issue persists, which can help isolate the problem to the phones or the switch.

  6. Check Power Supply: Ensure that the power supply to the FortiSwitch and connected devices is stable and not causing intermittent connectivity issues.

By following these steps, you should be able to gather more information to identify the root cause of the connectivity issues.

Jean-Philippe - Fortinet Community Team
AGoodOne
AGoodOne
New Member
November 21, 2025

Hi Jean-Philippe_P,

 

We are experiencing the exact same issue on our FortiSwitch-426E-FPOE's, but not with Cisco IP phones but with FortiAP devices connected. We have been trying to get this resolved with FortiSupport for months now, but they seem to be at a loss as to what causes the ports to go down.
At first we also thought Spanning-Tree to be the issue, but ruled that out after some testing. In this (and our) case STP reacts to the port going down. The question is: WHY does it go down? The logging does not tell.

I'm testing your 6 steps and the only step I do not really understand is step 2. What is a good and what is a bad output for this command?
I get a list of 81 entries but cannot seem to interperate what is OK and what not?

Jean-Philippe_P
Staff & Editor
Jean-Philippe_P
Staff & Editor
November 21, 2025

Hello AGoodOne,

 

I found this answer for you:

 

When using the command diagnose switch mac-addr list on a FortiSwitch, you are checking for MAC address flapping, which can indicate network instability. Here's how to interpret the output:

  1. Good Output:

    • Each MAC address should be associated with a single port.
    • The list should remain stable over time, with minimal changes.

  2. Bad Output:

    • If you see the same MAC address appearing on multiple ports frequently, this indicates MAC address flapping.
    • Frequent changes in the MAC address table can suggest a loop or a misconfiguration in the network.

If you observe MAC address flapping, it could be due to network loops, incorrect VLAN configurations, or faulty network devices. Ensure that your network topology is correctly configured and that there are no redundant paths without proper loop prevention mechanisms like STP.

 

Does it help you?

Jean-Philippe - Fortinet Community Team
diojanruiz
diojanruiz
New Member
May 6, 2026

Hi Guys,

Did you find any solution for this issue? In my case, I have some FortiSwitches 148FPoE and I am experiencing constant unexpected port disconnections. In this scenario, there is an HP docking station that connects all peripherals through its hub, and then a Thunderbolt cable is connected to the PC to provide full connectivity.

We already ruled out STP and TCN-related events. One of the TAC recommendations was to configure the ports with a fixed speed of 1Gbps, but none of these actions solved the issue.

Regards

sachitdas_FTNT
Staff
sachitdas_FTNT
Staff
May 8, 2026

Hi Dan,

Whats the FSW version, Cisco IP phone model & version? it could be POE issue. Below outputs can help:

get system status

get hardware status

get switch poe inline

 

Regards

Sachit

    diojanruiz
    diojanruiz
    New Member
    May 8, 2026

    Hi Sachitdas,

    Version: FortiSwitch-148F-POE v7.4.6,build0895,250129 (GA)
    Serial-Number: S148FPTF24010503
    Firmware Signature: valid
    Boot: Coldboot
    BIOS version: 04000016
    System Part-Number: P25490-03
    Burn in MAC: 04:01:a1:dd:d1:20
    Hostname: XXXXXXXX
    Security mode: none
    Distribution: International (r)
    Branch point: 895
    System time: Fri May  8 18:09:41 2026

     

    get hardware status
    Model name: FortiSwitch-148F-POE
    CPU: MIPS interAptiv (multi) V2.0
    RAM: 479 MB
    MTD Flash: 64 MB /dev/mtd
    Hard disk: not available
    Poe Firmware Version:2.2.3

    Interface   Status    State             Max-Power(W)   Power-consumption(W)   Priority   Class   Error
    ------------------------------------------------------------------------------------------------------------
    port1       Enabled   Delivering Power  30.0           5.10                   Low        4
    port2       Enabled   Delivering Power  30.0           5.40                   Low        4
    port3       Enabled   Delivering Power  30.0           5.50                   Low        4
    port4       Enabled   Delivering Power  30.0           5.50                   Low        4
    port5       Disabled  Disabled          0.00           0.00                   Low        0
    port6       Disabled  Disabled          0.00           0.00                   Low        0
    port7       Disabled  Disabled          0.00           0.00                   Low        0
    port8       Disabled  Disabled          0.00           0.00                   Low        0
    port9       Disabled  Disabled          0.00           0.00                   Low        0
    port10      Disabled  Disabled          0.00           0.00                   Low        0
    port11      Disabled  Disabled          0.00           0.00                   Low        0
    port12      Disabled  Disabled          0.00           0.00                   Low        0
    port13      Disabled  Disabled          0.00           0.00                   Low        0
    port14      Disabled  Disabled          0.00           0.00                   Low        0
    port15      Disabled  Disabled          0.00           0.00                   Low        0
    port16      Disabled  Disabled          0.00           0.00                   Low        0
    port17      Disabled  Disabled          0.00           0.00                   Low        0
    port18      Disabled  Disabled          0.00           0.00                   Low        0
    port19      Disabled  Disabled          0.00           0.00                   Low        0
    port20      Disabled  Disabled          0.00           0.00                   Low        0
    port21      Disabled  Disabled          0.00           0.00                   Low        0
    port22      Disabled  Disabled          0.00           0.00                   Low        0
    port23      Disabled  Disabled          0.00           0.00                   Low        0
    port24      Disabled  Disabled          0.00           0.00                   Low        0

     

    In our case, we don't have Cisco phones; we use a docking station, which consists of a monitor, an RJ45 network port, and USB ports. The connection to the laptop is made via a Thunderbolt cable.

     

    So far, we have not received any reports of disconnections; however, we would like to identify the root cause of the reported issue.

    Regards,

    diojanruiz
    diojanruiz
    New Member
    May 12, 2026

    Hi, 

    Today, we observed that the port remained active on both the PC and the switch side. However, the endpoint never released the IP address configured on the LAN interface. As a result, there was no connectivity, including unsuccessful ping tests even to the network gateway itself.

    The monitor model used as docking interface is the HP FHD Monitor E24u G5 USB-C.

    serickson
    serickson
    New Member
    June 1, 2026

    Any follow up on if/how you resolved this?  I have the issue happening in two locations with Polycom phones from Nextiva.  The ports that do not have a polycom phone seem stable.

    I also am not getting anywhere with Fortinet support.

    Terms & ConditionsAccessibility statement