Skip to main content
nrahman
nrahman
Explorer
July 1, 2022
Question

Looking for fortiswitching real scenario -Inter Vlan and Vlan

  • July 1, 2022
  • 5 replies
  • 3629 views

I am trying to find good short real scenario  for switch vlan configuration, inter-vlan routing , trunking and network segmentation documents.

5 replies

A
Anonymous_User
Contributor
July 4, 2022

Hello @nrahman 

 

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible. 

 

Thanks, 

    Fortinet Community Team 

 
vsiva
Staff
vsiva
Staff
July 5, 2022

Dear @nrahman 

 

There are two types major of Fortiswitch deployment , one is  Fortilink mode where switches will be managed by Fortigate, the other is standalone switch  deployment.

 

Below is supported  topology for fortilink deployment :

 

https://docs.fortinet.com/document/fortiswitch/6.4.2/devices-managed-by-fortios/617516/network-topologies

 

User guide :

 

https://docs.fortinet.com/document/fortiswitch/7.0.4/devices-managed-by-fortios/173270/fortiswitch-management

 

 

 

If the deployment method is fortilink ,  the L3 network will be on Fortigate itself and switches gateway for each vlan will be on the FGT. So FGT can route based on the policies and routes configured.

 

 

Standalone deployment guides:

 

https://docs.fortinet.com/document/fortiswitch/6.4.2/administration-guide/860027/mclag

 

Advanced scenarios :

 

https://docs.fortinet.com/document/fortiswitch/7.0.1/administration-guide/811127/using-layer-3-routing-within-an-mclag

 

 

Hope this helps .

 

 


Regards

Vigneash

nrahman
nrahmanAuthor
Explorer
July 6, 2022

Thanks for the guides. 

 

I have two FortiGate Unit with HA enabled and others Forti switches are all connected to each others without any redundant links.  so in this case what is the best configuration guide for fortiswitch - VLAN configuration . 

vsiva
Staff
vsiva
Staff
July 7, 2022

Dear @nrahman 

 

It depends on how many and  the model of switches .

I would recommend   an "mclag-icl" setup per the topology guide(supported for 1xx series above) :

 

https://docs.fortinet.com/document/fortiswitch/6.4.2/devices-managed-by-fortios/617516/network-topologies

 

The configuration of the switches will be done directly on the Fortigate.

Vlans will be created under "Managed Fortiswitch"/ "Fortiswitch vlan"

 

vsiva_0-1657182228338.png

 

Fortigate will be the gateway for all the vlans .

Switches will act as layer 2 in managed topologies.

 

 

Regards

Vigneash

nrahman
nrahmanAuthor
Explorer
July 20, 2022

Thank you so much for your information. I really appreciate it. 

 

What if I have more than 2 switches , for example I have 7 switches . How can I do that  ? 

    vsiva
    Staff
    vsiva
    Staff
    July 28, 2022

    Dear @nrahman 

     

    Yes with switches more than two switches,    we can have first two  core switches directly plugged into the FSW . Configure stacking b/w them (mclag-icl)  and connect end switches on the  core .

     

    Example architecture :

    Multi-tiered MCLAG with HA-mode FortiGate units

     

    vsiva_0-1658996393013.png

     

     

    All these switches will act managed with FGT and configuration will be in Fortigate for all switches.

     

    https://docs.fortinet.com/document/fortiswitch/6.4.2/devices-managed-by-fortios/617516/network-topologies

     

     

    Terms & ConditionsAccessibility statement