FortiGate
sfernando
Staff
Article Id 419585
Description This article describes an issue where adding an interface (port) to an existing FortiLink aggregate link results in an error.
Scope FortiGate.
Solution

In a production environment where FortiLink is configured as an aggregate link, adding another link to meet higher capacity requirements may fail with the error shown below.

 

error1111111111.jpg

 

This happens because a VLAN under the FortiLink interface was created with 802.1ad, also known as a Q-in-Q VLAN.

A new link/interface can be added to the FortiLink only after deleting that VLAN interface.

 

Note: Once the VLAN has been created, neither VLAN ID, VLAN protocol, nor physical interface can be changed.

 

IMAGE-111.png

 

Note: VLANs with an 802.1Q configuration do not have this issue.

The root cause is that FortiLink is fundamentally designed to manage and forward single-tag 802.1Q VLANs, where each VLAN maps directly to an interface. When 802.1ad (Q-in-Q) is used, traffic carries nested VLAN tags, but FortiLink and FortiSwitch hardware primarily recognize and control only the outer VLAN tag. This breaks the internal VLAN-to-interface model, causes inner VLANs to be treated inconsistently, and often disables hardware offloading.

As a result, multiple Q-in-Q VLANs do not scale or behave correctly under FortiLink, while standard 802.1Q VLANs work reliably because they match the architecture FortiLink was built to support.
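A pre-change check for the condition described above, as an added example that is not part of the original article or any Fortinet tooling: it scans a configuration backup for 802.1ad VLAN interfaces whose parent is a FortiLink aggregate, which are the ones that have to be deleted before a member can be added. The keywords `vlan-protocol 8021-ad`, `fortilink enable` and `type aggregate`, and the sample interface names, are assumptions about the backup layout and should be verified against the FortiOS version in use.

```python
# Constructed sample resembling a FortiOS config backup (not from the article).
# Assumed keywords: "vlan-protocol 8021-ad", "fortilink enable", "type aggregate".
SAMPLE_CONFIG = '''\
config system interface
    edit "fortilink"
        set fortilink enable
        set type aggregate
    next
    edit "qinq_100"
        set vlan-protocol 8021-ad
        set interface "fortilink"
        set vlanid 100
    next
    edit "users_20"
        set interface "fortilink"
        set vlanid 20
    next
end
'''

def parse_interfaces(config_text):
    """Return {name: {keyword: value}} for entries of 'config system interface'."""
    interfaces, current, depth = {}, None, 0
    for raw in config_text.splitlines():
        line = raw.strip()
        if line.startswith("config "):
            # depth 1 = inside the interface table; deeper = nested sub-config
            depth = depth + 1 if depth else int(line == "config system interface")
        elif line == "end" and depth:
            depth -= 1
        elif depth == 1 and line.startswith("edit "):
            current = interfaces.setdefault(line[5:].strip('"'), {})
        elif depth == 1 and line == "next":
            current = None
        elif depth == 1 and current is not None and line.startswith("set "):
            key, _, value = line[4:].partition(" ")
            current[key] = value.strip()
    return interfaces

def blocking_qinq_vlans(config_text):
    """List (vlan_name, parent, vlanid) for 802.1ad VLANs on a FortiLink aggregate."""
    ifaces = parse_interfaces(config_text)
    hits = []
    for name, cfg in ifaces.items():
        parent_name = cfg.get("interface", "").strip('"')
        parent = ifaces.get(parent_name, {})
        qinq = cfg.get("vlan-protocol") == "8021-ad"
        if qinq and parent.get("fortilink") == "enable" and parent.get("type") == "aggregate":
            hits.append((name, parent_name, cfg.get("vlanid")))
    return hits
```

Running `blocking_qinq_vlans()` over a backup before the maintenance window shows which VLAN interfaces, and therefore which dependent policies and addresses, will need to be removed and recreated.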