FortiGate
ssanga
Staff
Article Id 279537
Description

This article demonstrates how to change the IP addresses of the FortiLink interface and its managed FortiSwitches without interrupting network traffic.

Scope

FortiGate, FortiSwitch.
Solution

The IP addresses of the FortiLink interface and its FortiSwitches can be changed without traffic interruption by following the steps below. The example uses these addresses:

Former IP address of the FortiLink interface - 10.10.90.1/255.255.255.0
Former DHCP Address range - 10.10.90.2-10.10.90.254

New IP address of the FortiLink interface - 10.10.91.1/255.255.255.0
New DHCP Address range - 10.10.91.2-10.10.91.254

 

  1. Modify the FortiLink IP/Netmask to 10.10.91.1/255.255.255.0 and ensure that the DHCP server address range has been updated to align with this change, as shown in the screenshot below.


Pic1.png

  2. After the above change is applied, FortiSwitches will temporarily lose connectivity over the control plane to the FortiGate. This should not affect end-user traffic flow since Layer 2 adjacency is still established and the VLANs between FortiGate and FortiSwitch are still intact. However, subsequent attempts to modify the configuration on the FortiSwitch from the FortiGate at this point will fail.

To restore control plane management between the FortiGate and the FortiSwitch, the old IP address needs to be configured as a secondary IP address on the FortiGate:

 

config system interface
    edit internal3
        set secondary-IP enable
        config secondary-ip
            edit 0
                set ip 10.10.90.1/24
                set allowaccess ping fabric
            next
        end
    next
end

 

  3. After configuring the secondary IP address, access to the FortiSwitch CLI is restored. To manually force a DHCP IP address renewal directly from the FortiSwitch, right-click on the FortiSwitch, connect to CLI, and log in to FortiSwitch. Execute the following command:


execute interface dhcpclient-renew internal



Pic2.png

 

The 'Managed FortiSwitches' page can then be refreshed, and the new IP address should be visible in the 'Connecting From' column of the FortiSwitch, as illustrated below:


Pic3.png

 

  4. After all the switches acquire addresses in the new subnet, the secondary IP address of the FortiLink interface can be disabled using the following commands:

 

config system interface
    edit internal3
        set secondary-IP disable
    next
end

 

 
