Created on 06-17-2022 06:46 AM Edited on 03-07-2023 10:29 AM By Stephen_G
Description | This article describes how to bring a managed FortiSwitch over a P2P wireless bridge/mesh link. |
Scope | FortiGate, FortiSwitch and FortiAP version 7.x. |
Solution |
Refer to the following config example:
Setup: FortiGate- FortiSwitch(Switch1)port7 - FortiAP433F <---Mesh link--->FortiAP433F- FortiSwitch(Switch2)port7
Port7 has native VLAN1.
Configuration:
- Both FortiSwitchs must be in FortiLink mode: - Use the following FortiSwitch configuration:
# config system global set switch-mgmt-mode fortilink end
Note: The above command is not applicable for FortiSwitch versions 7.2 and above. See the following document: https://docs.fortinet.com/document/fortiswitch/7.2.0/fortilink-guide/801205/special-notices.
# config switch global set fortilink-p2p-native-vlan 1 end
Here, VLAN1 is configured because APs are connected to native VLAN 1.
# config switch physical-port edit "port7" set fortilink-p2p enable end
Since the p2p native VLAN is configured as 1, the FortiLink VLAN 4094 will be tagged between the FortiSwitches. As a result, it is necessary to ensure that Leaf AP tags the VLAN 4094. Configure the following parameters on the Leaf AP:
# cfg -a MESH_ETH_BRIDGE=1 # cfg -c
Multiple VLANs can be added using a comma.
The output of the Inter-Switch Link (ISL) trunk FortiLink interface on both FortiSwitches is below. Note that the VLAN 4094 is tagged.
Switch1:
# sh switch trunk edit "S124EFxxxx699-0" set auto-isl 1 next
# show switch interface edit "S124EFxxxx699-0" set allowed-vlans 1,39,50,99,4088-4094
Switch2:
# sh switch trunk edit "S124EFxxxx159-0" set auto-isl 1 next
# show switch interface S124EFxxxx159-0 edit "S124EFxxxx159-0" set allowed-vlans 1,39,50,99,4088-4094 next end
FortiGate:
# execute switch-controller get-conn-status FortiLink interface : FortiLnk-ha
Referred documents: Page 43: FortiLink over a point-to-point layer-2 network:
Refer to the following document link for the FortiAP mesh configuration. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.