Shagma
New Member
October 30, 2018
Question

SPAN and FGT30D


Hi!

According to my Google searches, SPAN is supported on Fortigates with a HW switch. This document: https://docs.fortinet.com/uploaded/files/3621/SWMTX-560-201704-R21.pdf suggests that a FGT30D has a hardware switch and thereby should support SPAN. Still, I am not seeing the Hardware type being available from the CLI when I go to config system switch-interface:

FWF30D (internal) # set type
switch    Switch.
hub       Hub.

I still tried to configure SPAN on it, which it allowed me to do, but I can't get it to work:

config system switch-interface
    edit "internal"
        set member "lan1" "lan3" "lan4"
        set span enable
        set span-dest-port "lan1"
        set span-source-port "lan4"
    next

Firmware is really old at v5.2.3,build670

Any ideas? Is SPAN really supported on such a low-end device?

    2 replies

    Toshi_Esumi
    SuperUser
    October 30, 2018

    They changed the software structure at some point in 5.2.x related to the hardware switch config. But "config system switch-interface" is the config for a soft-switch.

    The best chance would be upgrading it to the last 5.2, which is 5.2.13, then removing them from "switch-interface" and configuring them under "config system virtual-interface" if the step-by-step upgrade process doesn't automatically convert the "internal" to a hard-switch.

    Toshi_Esumi
    SuperUser
    October 31, 2018

    At least I used SPAN with FG60D or E w/ 5.4.x earlier this year. So I know for sure it works with these models.

    Shagma (Author)
    New Member
    November 1, 2018

    Thanks guys. Will probably try to upgrade the FW and see how it behaves.

    adogra
    New Member
    January 4, 2019

    Hi Guys.

    I'm using a Fortigate 200D with firmware 5.4.1 in HA mode. I need to attach a Darktrace appliance for network analysis and deep inspection. Could anyone please advise how/if I can use the Fortigate 200D and SPAN/port mirror to another interface?

    2) Can I use multiple existing ports like WAN1 and other ports in the firewall to mirror onto 1 interface in the FW that I can use for deep inspection for the appliance?

    3) If yes to the above query, how?