Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
jefazo92
Contributor

Created on ‎08-27-2024 05:29 AM

Can Cisco Discovery Protocol be disabled in a Fortigate?

I would like to disable CDP and have noticed it is referenced in certain CLI commands in the CLI reference. However, I have been unable to find how it might be disabled globally. Is there a command to achieve this?

Labels:
1892
0 Kudos
12 REPLIES 12
AEK
SuperUser
SuperUser

Created on ‎08-27-2024 05:39 AM

I guess you mean LLDP.

I know it can be disabled per interface but there seem to be a way to disable it globally.

https://docs.fortinet.com/document/fortigate/7.6.0/administration-guide/311052/lldp-reception

Hope it helps.

AEK
AEK
1473
0 Kudos
jefazo92
Contributor
In response to AEK

Created on ‎08-27-2024 05:40 AM

@AEK I mean CDP. I already disabled LLDP.

1470
0 Kudos
Jakob-AHHG
Contributor II
In response to jefazo92

Created on ‎08-27-2024 06:13 AM

So you disabled all FortiLink negotiation?
Well, if you don't need any other Fortinet equipment, that should be ok.. ;) 

Jakob Peterhänsel,
IT System Admin,
Arp-Hansen Hotrel Group A/S, Copenhagen, DK
Jakob Peterhänsel,IT System Admin,Arp-Hansen Hotrel Group A/S, Copenhagen, DK
1457
0 Kudos
AEK
SuperUser
SuperUser

Created on ‎08-27-2024 05:53 AM

I don't think FortiGate supports CDP.

I know FortiSwitch does.

AEK
AEK
1466
0 Kudos
Jakob-AHHG
Contributor II

Created on ‎08-27-2024 06:16 AM Edited on ‎08-27-2024 06:58 AM

I'm currious: Why?
In my 30 years of working with network equipment, CDP & LLDP is one of the most valuable features in troubleshooting many issues. Especially getting remote knowledge of what equipment is connected where to what ports.

Jakob Peterhänsel,
IT System Admin,
Arp-Hansen Hotrel Group A/S, Copenhagen, DK
Jakob Peterhänsel,IT System Admin,Arp-Hansen Hotrel Group A/S, Copenhagen, DK
1455
0 Kudos
AEK
SuperUser
SuperUser
In response to Jakob-AHHG

Created on ‎08-27-2024 06:36 AM

I guess because CDP is proprietary and LLDP is standard.

AEK
AEK
1395
0 Kudos
Jakob-AHHG
Contributor II
In response to AEK

Created on ‎08-27-2024 06:37 AM

He already disabled LLDP.. ;) 

Jakob Peterhänsel,
IT System Admin,
Arp-Hansen Hotrel Group A/S, Copenhagen, DK
Jakob Peterhänsel,IT System Admin,Arp-Hansen Hotrel Group A/S, Copenhagen, DK
1393
0 Kudos
abarushka
Staff
Staff

Created on ‎08-27-2024 06:55 AM Edited on ‎08-27-2024 07:00 AM

Hello,

 

CDP is not listed in the list of supported RFCs:

https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/e4a64990-3346-11ef-bfe5-fa163e...

 

Could you please elaborate which documentation you are referring to? 

FortiGate
1387
0 Kudos
jefazo92
Contributor
In response to abarushka

Created on ‎08-28-2024 12:42 AM

Hi @abarushka the Fortigate CLI reference manual, CDP is referenced for the management-interface parameter for config switch-controller lldp-settings. The description for the parameter states, "Primary management interface to be advertised in LLDP and CDP PDUs".

1278
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.