Skip to main content
Keeran
Keeran
Explorer
June 14, 2023
Solved

FortiSwitch Sections explained

  • June 14, 2023
  • 2 replies
  • 2235 views

Can anyone explain me what can be done under:

  1. System > Network > Interface > Physical
  2. System > Network > Interface > VLAN
  3. Switch > Port > Physical
  4. Switch > Interface > Physical
  5. Switch > VLAN 

I tried to understand it, but couldn't. Thankyou for any help.

Best answer by saneeshpv_FTNT

System > Network > Interface > Physical - This is a Physical Interface/Port on the FortiSwitch. You can assign IP address to a Physical interface for managing the FortiSwitch (Static or DHCP)

 

System > Network > Interface > VLAN - This is SVI - A Logical L3 Interface created under a Physical Interface, You can assign IP address and VLAN ID here. You can create multiple SVIs with different Subnet and VLAN IDs under the same Physical Interface. This make FortiSwitch as an L3 device with Gateway on the FortiSwitch

 

Switch > Port > Physical - This configuration section is to define the FortiSwitch Physical ports (Layer 2) specfic settings like "Link Speed, Frame Size, Admin Status, PPPOE Settings, Frame Size etc.
config switch physical-port
edit <port_name>
set status {up | down}
set description <string>
set max-frame-size <bytes_int>
set speed {1000auto | 100full | 100half | 10full | 10half | auto | 10000cr | 10000full | 10000sr | 1000full | auto-module}
set poe-status {enable | disable}
next
end

 

 

Switch > Interface > Physical - This configuration section is to define the FortiSwitch Physical port specfic Layer 2 settings like Native VLAN, Allowed VLAN's, Port Security, MAB & other L2 security settings like BPDU Guard, Root Guard, Loop Protection,.

config switch interface
edit port30
set stp-state enabled
set edge-port enabled
set stp-bpdu-guard enabled
set stp-bpdu-guard-timeout 60
next
end

 

Switch > VLAN - This is where you create all your VLANs

2 replies

saneeshpv_FTNT
Staff
saneeshpv_FTNTAnswer
Staff
June 14, 2023

System > Network > Interface > Physical - This is a Physical Interface/Port on the FortiSwitch. You can assign IP address to a Physical interface for managing the FortiSwitch (Static or DHCP)

 

System > Network > Interface > VLAN - This is SVI - A Logical L3 Interface created under a Physical Interface, You can assign IP address and VLAN ID here. You can create multiple SVIs with different Subnet and VLAN IDs under the same Physical Interface. This make FortiSwitch as an L3 device with Gateway on the FortiSwitch

 

Switch > Port > Physical - This configuration section is to define the FortiSwitch Physical ports (Layer 2) specfic settings like "Link Speed, Frame Size, Admin Status, PPPOE Settings, Frame Size etc.
config switch physical-port
edit <port_name>
set status {up | down}
set description <string>
set max-frame-size <bytes_int>
set speed {1000auto | 100full | 100half | 10full | 10half | auto | 10000cr | 10000full | 10000sr | 1000full | auto-module}
set poe-status {enable | disable}
next
end

 

 

Switch > Interface > Physical - This configuration section is to define the FortiSwitch Physical port specfic Layer 2 settings like Native VLAN, Allowed VLAN's, Port Security, MAB & other L2 security settings like BPDU Guard, Root Guard, Loop Protection,.

config switch interface
edit port30
set stp-state enabled
set edge-port enabled
set stp-bpdu-guard enabled
set stp-bpdu-guard-timeout 60
next
end

 

Switch > VLAN - This is where you create all your VLANs

    Toshi_Esumi
    SuperUser
    Toshi_Esumi
    SuperUser
    June 14, 2023

    As @saneeshpv_FTNT, explained CLI is more easier to understand the structure of FortiSwitch config, if you know FortiGate's CLI structure.

    Just to reiterate,

    • config system interface - mostly L3 config of interfaces
    • config switch interface - L2 config of interfaces
    • config switch physical-port - L2/L1 config of interfaces

     

    Toshi

    Terms & ConditionsAccessibility statement