|
This article describes the behaviour when attempting to push config from the FortiGate to the FortiSwitch port which is part of the FortiLink trunk.
Refer to the example below:
FortiGate 6.4.9 is managing FortiSwitch 6.4.7.
FortiSwitch port7 is part of ISL FortiLink trunk.
# FGT# execute switch-controller get-conn-status
S108EF v6.4.7 (478) Authorized/Up - 169.254.1.6 Wed Jun 15 14:01:56 2022 access2
FortiSwitch:
# access2 # sh switch trunk
# config switch trunk
edit "8EFTF18000735-0"
set mode lacp-active
set auto-isl 1
set members "port7"
Now, from the FortiGate, change the port status to down:
FG200E (root) # config switch-controller managed-switch
FG200E (managed-switch) # edit S108EF
FG200E (S108EF) # config ports
FG200E (ports) # edit port7
FG200E (port7) # set status down
FG200E (port7) # end
FG200E (S108EF) # end
Run the below debug on FortiSwitch and the below logs is visible:-
access2 # diag debug cli 8
access2 # diag debug console timestamp enable
access2 # diagnose debug enable
2022-06-15 14:07:58 0: config switch physical-port
2022-06-15 14:07:58 0: edit "port7"
2022-06-15 14:07:58 0: unset link-status
2022-06-15 14:07:58 0: end
2022-06-15 14:07:59 open file 15 to write config
2022-06-15 14:08:00 write config file success, prepare to save in flash
2022-06-15 14:08:00 zip config file /data/./config/sys_global.conf.gz success!
Port status remains UP and does not get changed.
This is expected behaviour, do not change FortiSwitch's FortiLink port config from FortiGate.
NOTE: There are some exceptions like pushing the LLDP profile to the FSW Fortilink ports from the FGT. https://docs.fortinet.com/document/fortiswitch/7.0.4/devices-managed-by-fortios/801208/transitioning...
# access2 # sh full-configuration switch physical-port port7
.
.
set status up
|
