Skip to main content
curieux
curieux
New Member
June 25, 2015
Question

switch vs. interface mode - referring to Cisco ASA

  • June 25, 2015
  • 2 replies
  • 3473 views

Hi

means Fortinet Mode Interface on Cisco Mode Access Port ?

means Fortinet Mode Switch on Cisco trunk Port ?

so if Interface mode is configured  no trunk informations will come to the fortinet FW ?

 

 

I understand :

Switch mode - make sense if I have Switches  and a trunk ports and sent plug the trunk port to the fortinet Firewall

which can be separated than on the Firewall. Right ?

 

Interface mode - most of us have Switches vlans trunks etc. so where does it make sense to define the Interface mode ?

 

 

I read the paper , but ..............:

 

What are Switch mode and Interface mode and why are they used?

In Switch mode, all the internal interfaces are part of the same subnet and treated as a single interface, called either

[size="2"]lan [/size]or [size="2"]internal [/size]by default, depending on the FortiGate model. Switch mode is used when the network layout is basic, with most users being on the same subnet.

In Interface mode, the physical interfaces of the FortiGate unit are handled individually, with each interface having its own IP address. Interfaces can also be combined by configuring them as part of either hardware or software switches, which allow multiple interfaces to be treated as a single interface. This

 

 

thx for help

 

 

 

    2 replies

    curieux
    curieuxAuthor
    New Member
    June 25, 2015

    I read more :

    Switch mode for small offices

    ------------------------------------

    Switch mode e.g. will be used for small Offices , means I connect pc1 to port 1 , pc2 to port 2 and Printer to port 7

    so all Clients belong to the same Network e.g. 192.168.1.0/24 . means all end devices are connected to the Firewall

    Not used at big companies . right ?

     

    Interface mode for companies and Switch infrastructure

    -------------------------------------------------------------------

    Interface mode e.g. I have 7 ports where I can define different vlans with 7 different Network IP ranges.

    right ?

    How to handle a trunk ?

     

     

     

    emnoc
    emnoc
    New Member
    June 25, 2015

    Not sure what the  question are but switch mode means all of the ports within that  switch group act like a "switch" . Interface mode means all  ports are defined as a layer3 interface ( you address each port as a  layer3 address  802.1q tagged or not )

     

    The switchmode is best in comparison to let's say a ASA5505 . I hope this blog post will help;

     

    http://socpuppet.blogspot.com/2015/01/fortigate-switch-controller.html

     

    How and where you use the 2 depends on your env and if you need or don't have a layer2 switch.

     

     

    Terms & ConditionsAccessibility statement