Description

Solution

The internal interface has a native VLAN 4094, and all of the ports have a native VLAN 1.

In this scenario, assume port1 connects to the uplink router/switch, and that the uplink device is configured for native VLAN 10. To get the switch IP from VLAN10, configure the switch internal interface and port1 for the native VLAN 10.

Use console access to configure the following parameters in the CLI.

config switch interface
    edit internal
        set native-vlan 10
    next
    edit port1
        set native-vlan 10
end

Configure the internal interface either with static IP or DHCP as follows:

config system interface
    edit internal
        set mode dhcp/static          <----- The internal interface can be configure with either static IP or DHCP.

 end 

• For static:

set ip <ip address> <subnet mask>
    set allowaccess ping https http ssh snmp telnet radius-acct
end

• For static route:

config router static
    edit 1
        set device "internal"
        set dst 0.0.0.0 0.0.0.0
        set gateway <ip address of the gateway x.x.x.x>
    next
end

After the configuration is done, the switch is reachable to the network.

get router info routing-table details

S>*  0.0.0.0/0 [5/0] via x.x.x.x, internal

get system arp
Address           Age(min)       Hardware Addr         Interface
x.x.x.x             0          xx:xx:xx:xx:xx:xx        internal

execute ping <gateway_IP>

View ARP entries on the switch to verify switch has network connectivity

     get system arp

Note: This can also be configured via the Switch GUI if management access to the FortiSwitch is available. By default, the management IP is 192.168.1.99/24.