Created on 09-21-2022 12:44 PM Edited on 09-21-2022 12:44 PM By Anonymous
Description
This article describes FortiLink P2P supported network topologies.
Scope
FortiSwitch and FortiGate v6.4.x / v7.0.x / v7.2.x
Solution
In some cases, the requirement is to connect a FortiSwitch to a third-party L2 switch while the FortiSwitch is still managed by FortiGate at layer 2.
For example: FortiGate – FortiSwitch1 – 3rd party Layer2 Switch OR wireless bridge – FortiSwitch2.
To bring the FortiSwitch online on FortiGate, configure FortiLink P2P. Refer to the link below:
Note:
The L2 setup can be a mesh, any switch, or any other L2 infrastructure.
The L2 setup/infrastructure must not block any traffic forwarded between the FortiSwitches.
Refer to the diagram below, which shows two different setups.
1) The green setup is supported.
2) The red setup is not supported. Using FortiLink P2P, either FortiSwitch3 or FortiSwitch4 can be brought online on FortiGate, but not both.
- When P2P is enabled on FortiSwitch1 port2, it forms a trunk with the peer FortiSwitch, i.e., either FortiSwitch3 or FortiSwitch4, so only one of the two will come online.
- The reason is that FortiSwitch3 and FortiSwitch4 use a shared L2 setup, and traffic from both FortiSwitches hits the same port (port2) of FortiSwitch1.
Example: If the command 'show switch trunk' is run on FortiSwitch1, the output shows one of the following:
If trunk formed with FortiSwitch3:
# config switch trunk
edit "4FXXXXXXX209-0"
set members "port2"
next
end
Or
If trunk formed with FortiSwitch4:
# config switch trunk
edit "4FXXXXXXX210-0"
set members "port2"
next
end
So it is best to have a dedicated L2 setup per P2P connection to avoid the issue described for the red setup.
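The check described above can be scripted. The following is an added example, not Fortinet code: it parses 'show switch trunk' output in the form shown in this article and flags any P2P port whose L2 segment is planned to carry more than one peer FortiSwitch. The PLAN mapping, its port and switch names, and the function names are hypothetical, and the sample output is constructed.

```python
import shlex

# Constructed sample: 'show switch trunk' output in the form shown in the article.
SAMPLE_OUTPUT = '''
# config switch trunk
edit "4FXXXXXXX209-0"
set members "port2"
next
end
'''

# Hypothetical plan: FortiSwitch1 P2P port -> FortiSwitches reachable through
# the L2 segment attached to that port (names are illustrative assumptions).
PLAN = {
    "port1": ["FortiSwitch2"],                  # dedicated L2 segment (green setup)
    "port2": ["FortiSwitch3", "FortiSwitch4"],  # shared L2 segment (red setup)
}

def parse_trunks(text):
    """Return {trunk_name: [member ports]} from a 'config switch trunk' block."""
    trunks, current = {}, None
    for raw in text.splitlines():
        line = raw.strip().lstrip("#").strip()  # tolerate a leading prompt '#'
        tokens = shlex.split(line)              # handles the quoted names
        if not tokens:
            continue
        if tokens[0] == "edit" and len(tokens) > 1:
            current = tokens[1]
            trunks[current] = []
        elif tokens[:2] == ["set", "members"] and current is not None:
            trunks[current].extend(tokens[2:])
        elif tokens[0] in ("next", "end"):
            current = None
    return trunks

def trunks_per_port(trunks):
    """Invert the trunk table: member port -> trunk names that use it."""
    ports = {}
    for name, members in trunks.items():
        for port in members:
            ports.setdefault(port, []).append(name)
    return ports

def shared_segments(plan):
    """P2P ports whose L2 segment carries more than one peer FortiSwitch."""
    return {port: peers for port, peers in plan.items() if len(peers) > 1}

if __name__ == "__main__":
    print("trunks by port:", trunks_per_port(parse_trunks(SAMPLE_OUTPUT)))
    for port, peers in shared_segments(PLAN).items():
        print(f"{port}: shared L2 segment, only one of {peers} will come online")
```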