Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
nrahman
New Contributor II

Looking for fortiswitching real scenario -Inter Vlan and Vlan

I am trying to find good short real scenario  for switch vlan configuration, inter-vlan routing , trunking and network segmentation documents.

6 REPLIES 6
Anonymous
Not applicable

Hello @nrahman 

 

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible. 

 

Thanks, 

    Fortinet Community Team 

 
vsiva
Staff
Staff

Dear @nrahman 

 

There are two types major of Fortiswitch deployment , one is  Fortilink mode where switches will be managed by Fortigate, the other is standalone switch  deployment.

 

Below is supported  topology for fortilink deployment :

 

https://docs.fortinet.com/document/fortiswitch/6.4.2/devices-managed-by-fortios/617516/network-topol...

 

User guide :

 

https://docs.fortinet.com/document/fortiswitch/7.0.4/devices-managed-by-fortios/173270/fortiswitch-m...

 

 

 

If the deployment method is fortilink ,  the L3 network will be on Fortigate itself and switches gateway for each vlan will be on the FGT. So FGT can route based on the policies and routes configured.

 

 

Standalone deployment guides:

 

https://docs.fortinet.com/document/fortiswitch/6.4.2/administration-guide/860027/mclag

 

Advanced scenarios :

 

https://docs.fortinet.com/document/fortiswitch/7.0.1/administration-guide/811127/using-layer-3-routi...

 

 

Hope this helps .

 

 


Regards

Vigneash

nrahman
New Contributor II

Thanks for the guides. 

 

I have two FortiGate Unit with HA enabled and others Forti switches are all connected to each others without any redundant links.  so in this case what is the best configuration guide for fortiswitch - VLAN configuration . 

vsiva
Staff
Staff

Dear @nrahman 

 

It depends on how many and  the model of switches .

I would recommend   an "mclag-icl" setup per the topology guide(supported for 1xx series above) :

 

https://docs.fortinet.com/document/fortiswitch/6.4.2/devices-managed-by-fortios/617516/network-topol...

 

The configuration of the switches will be done directly on the Fortigate.

Vlans will be created under "Managed Fortiswitch"/ "Fortiswitch vlan"

 

vsiva_0-1657182228338.png

 

Fortigate will be the gateway for all the vlans .

Switches will act as layer 2 in managed topologies.

 

 

Regards

Vigneash

nrahman
New Contributor II

Thank you so much for your information. I really appreciate it. 

 

What if I have more than 2 switches , for example I have 7 switches . How can I do that  ? 

vsiva
Staff
Staff

Dear @nrahman 

 

Yes with switches more than two switches,    we can have first two  core switches directly plugged into the FSW . Configure stacking b/w them (mclag-icl)  and connect end switches on the  core .

 

Example architecture :

Multi-tiered MCLAG with HA-mode FortiGate units

 

vsiva_0-1658996393013.png

 

 

All these switches will act managed with FGT and configuration will be in Fortigate for all switches.

 

https://docs.fortinet.com/document/fortiswitch/6.4.2/devices-managed-by-fortios/617516/network-topol...

 

 

Labels
Top Kudoed Authors