| Description | This article describes how to bring a managed FortiSwitch over a P2P wireless bridge/mesh link. |
| Scope | FortiGate, FortiSwitch and FortiAP version 7.x. |
| Solution |
Refer to the following config example:
Setup: FortiGate- FortiSwitch(Switch1)port7 - FortiAP433F <---Mesh link--->FortiAP433F- FortiSwitch(Switch2)port7
Port7 has native VLAN1.
Configuration:
- Both FortiSwitchs must be in FortiLink mode: - Use the following FortiSwitch configuration:
# config system global set switch-mgmt-mode fortilink end
Note: The above command is not applicable for FortiSwitch versions 7.2 and above. See the following document: https://docs.fortinet.com/document/fortiswitch/7.2.0/fortilink-guide/801205/special-notices.
# config switch global set fortilink-p2p-native-vlan 1 end
Here, VLAN1 is configured because APs are connected to native VLAN 1.
# config switch physical-port edit "port7" set fortilink-p2p enable end
Since the p2p native VLAN is configured as 1, the FortiLink VLAN 4094 will be tagged between the FortiSwitches. As a result, it is necessary to ensure that Leaf AP tags the VLAN 4094. Configure the following parameters on the Leaf AP:
# cfg -a MESH_ETH_BRIDGE=1 # cfg -c
Multiple VLANs can be added using a comma.
The output of the Inter-Switch Link (ISL) trunk FortiLink interface on both FortiSwitches is below. Note that the VLAN 4094 is tagged.
Switch1:
# sh switch trunk edit "S124EFxxxx699-0" set auto-isl 1 next
# show switch interface edit "S124EFxxxx699-0" set allowed-vlans 1,39,50,99,4088-4094
Switch2:
# sh switch trunk edit "S124EFxxxx159-0" set auto-isl 1 next
# show switch interface S124EFxxxx159-0 edit "S124EFxxxx159-0" set allowed-vlans 1,39,50,99,4088-4094 next end
FortiGate:
# execute switch-controller get-conn-status FortiLink interface : FortiLnk-ha
Referred documents: Page 43: FortiLink over a point-to-point layer-2 network:
Refer to the following document link for the FortiAP mesh configuration. |
