Description
This article describes how to add or remove a physical interface from a Hardware/Software switch.
Scope
FortiGate.
Solution
To add the Physical interface to the hardware switch, follow these steps:
Note:
All references to the physical interface must be removed, and the IP address of the physical interface must be set to 0.0.0.0/0.0.0.0 to add it to a hardware/software switch.
At least one interface should be a member of a switch, or it will be necessary to delete the switch configuration completely.
Via the GUI:
- Go to Interface -> Hardware Switch.
- Under Interface Members, select 'add'.
Select the respective physical interface from the 'Select Entries list'.
To remove the interface, deselect the interface from the Interface Members list by selecting the 'x' mark from Interface Members.
Via the CLI:
To add a Physical interface to a hardware switch:
config system virtual-switch
edit lan
config port
edit <interface name> <- Physical interface name.
end
end
To remove the interface from the hardware switch:
config system virtual-switch
edit lan
config port
delete <interface name> <- Physical interface name.
end
end
For v7.2.8 FortiOS and above:
It is required to set a physical switch for the hardware switch interface to get the option to configure the 'config port'.
Before configuring the physical switch:
FG4H1F-5 # config system virtual-switch
FG4H1F-5 (virtual-switch) # edit lan
new entry 'lan' added
FG4H1F-5 (lan) # config port
command parse error before 'port'
Command fail. Return code 1
After configuring the physical switch:
FG4H1F-5 # config system virtual-switch
FG4H1F-5 (virtual-switch) # edit internal
new entry 'internal' added
FG4H1F-5 (internal) # set physical-switch sw0
FG4H1F-5 (internal) # config port
To add the Physical interface to the software switch, follow these steps:
Via the GUI:
- Go to: Interface -> Software Switch -> Edit.
Interface Name: Internal.
Type: Software Switch. - On Interface Members, select 'add'. Select the respective physical interface from the 'Select Entries list'.
To remove the interface, deselect the interface from the Interface Members list.
Via the CLI:
To add a Physical interface to the software switch:
config system switch-interface
edit internal
set member <list of interface>
end
When adding an interface to a software switch configuration, make sure all other interfaces are added to the member list.
For example:
config system switch-interface
edit internal
set member lan1 lan2 <- Currently, lan1 and lan2 are members of an internal software switch.
next
To add lan4, re-add all of the interfaces to the member list.
config system switch-interface
edit internal
set member lan1 lan2 lan4
next
end
To remove the interface from the software switch:
config system switch-interface
edit internal
unselect member lan4 <- Physical interface name.
next
end
Note:
The hardware switch is only available on physical FortiGates.
The Hardware switch option is not visible in the FortiGate interface when 'VLAN Switch' is displayed instead. To resolve this issue, disable 'VLAN switch mode' under System -> Settings -> System Operating Settings. For additional details, refer to the related article.
Related article:
Technical Tip: FortiGate does not support 'Hardware Switch' type
