Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
live89
Contributor II

Created on ‎08-22-2025 01:00 AM Edited on ‎08-22-2025 03:42 AM

CheckPoint to FortiGate conversion

We are converting checkpoint configurations to fortigate (finally getting rid of it)

But I have seen the interface setting and here is something I am not used to it

In Checkpoint the LAG interface itself (the physical) has a network without VLAN 

the Forticonverter converter exactly the same settings. see screenshots bellow:

checkpoint.PNG

forticonverter.PNG

I am used to put all IP addresses and betworks to logical interfaces with VLANID

So my question is, will this work normally in fortigate? with VLAN ID 1 ? untagged ? can this interface (the physical) be assigned to policies later ?

 

Thanks 

Thanks

Thanks
Labels:
278
0 Kudos
1 Solution
funkylicious
SuperUser
SuperUser

Created on ‎08-22-2025 01:20 AM Edited on ‎08-22-2025 01:21 AM

yes, it should work normally and you can use it later in firewall rules.

as for the VLAN ID, this can be verified/viewed and the switch/PO interface on what native vlan is set but it should work as intended.

"jack of all trades, master of none"

View solution in original post

"jack of all trades, master of none"
263
3 REPLIES 3
funkylicious
SuperUser
SuperUser

Created on ‎08-22-2025 01:20 AM Edited on ‎08-22-2025 01:21 AM

yes, it should work normally and you can use it later in firewall rules.

as for the VLAN ID, this can be verified/viewed and the switch/PO interface on what native vlan is set but it should work as intended.

"jack of all trades, master of none"
"jack of all trades, master of none"
264
live89
Contributor II
In response to funkylicious

Created on ‎08-22-2025 03:32 AM

Thank you, appreciated!

For the SW (Aruba) it is native vlan 1

So it is the same in the Physical link aggregation in fortigate?

 

aruba.PNG

Thanks

Thanks
234
0 Kudos
funkylicious
SuperUser
SuperUser
In response to live89

Created on ‎08-22-2025 05:19 AM Edited on ‎08-22-2025 05:19 AM

it should be ok.

 

you would need to match the LACP params on the FGT to the ones on the SW as for mode active and speed/rate fast .

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Initial-troubleshooting-steps-for-LACP-Lin... 

"jack of all trades, master of none"
"jack of all trades, master of none"
208
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.