Where to have VLANs Live?

Forum|Forum|5 years ago
June 19, 2020
1 reply
3941 views

So i'm completely new to Fortinet and have a new 60F and S124EP switch for my lab. The 60F is connected to Forticloud and the S124EP is connected to the 60F using FortiLink. I'm looking at building out a few VLAN's and having a hard time understanding the best place for the gateway to live for these. Should everything be built on the Fortiswitch and have that do DHCP and everything or should all the VLAN interfaces be built on the 60F? Suggestions? Advantages one way or another?

Best answer by emnoc

Fortilinks are management protocol specific for FGT and FortiSW integration. You can read up about them here.

https://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-managing-fortiswitch-330-54/FortilinkConfig.htm

Ken Felix

emnoc

New Member

Depends on what security needs. Do you want to protect traffic between vlans ? if yes than put the vlans on the fortigate and trunk them to the switch keep in mind throughput for internal vlan-2-vlan is going to be limited the firewall and it's performance. So a BIG winded backup could be impacted if other vlans traffic needs bandwidth.

Ken Felix

AndrewRAuthor

New Member

emnoc, Thank You. That is basically what I thought, since the switch isn't L3. Normally I build the vlans on a L3 Core switch but since that is not an option here. I was just confused by those whole concept of "FortiLink" and what that really does and if it changes anything.

emnocAnswer

New Member

Fortilinks are management protocol specific for FGT and FortiSW integration. You can read up about them here.

https://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-managing-fortiswitch-330-54/FortilinkConfig.htm

Ken Felix

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded