scampos
Staff
Article Id 388269
Description This article describes how to configure the FortiLink interface on the FortiGate end to allow FortiSwitch integration in the Security Fabric topology.
Scope FortiGate, FortiSwitch.
Solution

Before connecting any FortiSwitch, it is necessary to enable the switch controller feature (depending on the model, this can be enabled by default):


To enable this by CLI:

 


config system global

    set switch-controller enable

end

 

The FortiLink interface is automatically created as an aggregate interface type. If the FortiGate model does not support this type, it is created automatically as a hardware switch.

 


It is also possible to see the FortiLink interface by going to WiFi & Switch Controller -> FortiLink Interface.

 

For FortiLink to work correctly, three settings must be checked at the interface level, plus one optional setting:

  1. Configure the IP/Network Mask for the FortiLink network.
  2. Security Fabric Connection is enabled under Administrative Access.
  3. The DHCP server is enabled (managed FortiSwitches obtain their management IP from this pool).
  4. Optionally, enable Automatically Authorize Devices so that newly discovered FortiSwitches do not need to be authorized manually. Note that this authorizes any FortiSwitch that appears on the FortiLink ports, so it is best suited to environments where those ports are physically controlled.

 


Note:

With the factory default settings, the FortiLink interface will be as below:

 

config system interface
    edit "fortilink"
        set vdom "root"
        set fortilink enable
        set ip 10.255.1.1 255.255.255.0
        set allowaccess ping fabric
        set type aggregate
        set member "a" "b"
        set lldp-reception enable
        set lldp-transmission enable
    next
end

 

If the 'set fortilink' option was previously disabled via the GUI or CLI, it must be re-enabled, and this is possible only via the CLI. Otherwise, FortiSwitches will not synchronize.

 

To re-enable it:

 

config system interface
    edit "fortilink"
        set fortilink enable
    next
end

 

When the FortiLink feature is disabled on the interface, the 'Dedicated to FortiSwitch' option will not be visible in the GUI.

 

To continue, under System -> Settings, ensure that the FortiGate is configured to act as an NTP server and that it is listening on the FortiLink interface (managed FortiSwitches take their time from the FortiGate over FortiLink):
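The steps above (enable the switch controller, configure the FortiLink interface with an IP, fabric access and DHCP, optionally auto-authorize, and serve NTP on FortiLink) as one complete FortiOS CLI configuration. This is an added example, not the article's own configuration: the 10.255.1.0/24 addressing matches the factory default shown earlier, but the DHCP server entry ID (1), the address pool range and the use of 'set auto-auth-extension-device enable' for the Automatically Authorize Devices option are assumptions and should be adapted to the unit's existing configuration.

```text
# Added example: complete FortiLink bring-up on the FortiGate side.
# Lines starting with '#' are comments and are ignored when pasted.

# 1. Switch controller feature
config system global
    set switch-controller enable
end

# 2. FortiLink interface: IP, Security Fabric access, optional auto-authorize
config system interface
    edit "fortilink"
        set fortilink enable
        set ip 10.255.1.1 255.255.255.0
        set allowaccess ping fabric
        set auto-auth-extension-device enable
    next
end

# 3. DHCP server on the FortiLink network (entry ID 1 and pool are assumptions)
config system dhcp server
    edit 1
        set interface "fortilink"
        set default-gateway 10.255.1.1
        set netmask 255.255.255.0
        set ntp-service local
        config ip-range
            edit 1
                set start-ip 10.255.1.2
                set end-ip 10.255.1.254
            next
        end
    next
end

# 4. FortiGate acts as NTP server and listens on the FortiLink interface
config system ntp
    set ntpsync enable
    set server-mode enable
    set interface "fortilink"
end

# Check that the connected FortiSwitch is discovered and shows as authorized
execute switch-controller get-conn-status
```

If 'auto-auth-extension-device' is left disabled, the switch appears in 'execute switch-controller get-conn-status' as discovered but not authorized until it is authorized under WiFi & Switch Controller -> Managed FortiSwitches.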

 


Every FortiSwitch model comes with a set of ports that are activated for FortiLink auto-discovery by default. There is no need to configure a switch if the connection for the FortiLink is via one of these ports.

 

The last four ports are the default auto-discovery FortiLink ports in FortiSwitchOS 3.4.0 and later. To view which ports have auto-discovery enabled, use the FortiSwitch unit's 'show switch interface' command.


The default auto-discovery ports for every switch model are listed in the following:

[Figure: table of default auto-discovery FortiLink ports per FortiSwitch model]

 

Any physical interface on the FortiGate and FortiSwitch can be used for FortiLink if it is manually configured.
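On the FortiSwitch side, a port that is not one of the default auto-discovery ports can be enabled for FortiLink discovery from the switch CLI. This is an added example, not from the article; the port name "port1" is an assumption, and the FortiGate side of a non-default FortiLink interface is covered by the Technical Tip referenced at the end of this article.

```text
# Added example: FortiSwitch CLI, enable FortiLink auto-discovery on a port
# that is not one of the model's default auto-discovery ports.

# Check current auto-discovery state of all ports
show switch interface

# Enable auto-discovery on "port1" (port name is an assumption)
config switch interface
    edit "port1"
        set auto-discovery-fortilink enable
    next
end
```

After this change, connecting "port1" to the FortiGate's FortiLink interface lets the switch be discovered without any further manual configuration on the FortiSwitch.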

 

If issues related to the FortiLink interface still occur after ensuring these configurations are in place on the FortiGate, see Technical Tip: Managed FortiSwitch onboarding Troubleshooting Guide.

 

To configure FortiLink on a different interface instead of the default FortiLink aggregate interface, refer to Technical Tip: How to add/connect FortiSwitch to FortiGate on any interface