Running Fortigate on 7.4.5.
I have some VLAN interfaces that are part of a LAG. I need to move one of these VLANs out of the LAG and have it tagged on a separate physical interface (or perhaps a different LAG).
I did see the article https://community.fortinet.com/t5/FortiGate/Technical-Tip-Migrating-VLAN-interfaces-from-one-interfa... suggesting looking at the "parent" where the Integrate Interface is available, but I don't have that. All the VLANs as well as the parent LAG have the Integrate Interface greyed out.
How can I move it? I really don't want to delete and recreate it as I have lots of policies linked I would need to delete and recreate too.
You need to remove all references to the interface in the config, delete it, and re-create accordingly.
Hello,
I believe that would be possible, but since the parent interface is up and in use, I am not sure it would be possible in that case.
I would suggest perhaps in a maintenance window to set the parent interface down, and after that try to move the subinterfaces.
In the end, I went with deleting it. It's a real pain as I have to now redefine all the policies...
@ezhupa, unfortunately, that's not really an option as the parent interface holds the entire network! Of course, had I known the limitation, I wouldn't have done it this way. I'm learning the delish little details of FortiOS :)
You are right, I can feel you.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.