Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
jmhalegre
New Contributor II

Discovering Fortiswitch in Fortigate from a Dell network

Hi Team,

 

I need help to know how to perform the configuration on the different network elements for the Fortigate to discover the Fortiswitches on Vlan1001. Is it possible?

 

The scenario is as follows:

 

FortiGate_Dell_Fortiswitch.jpg

 

 

Thanks & Best Regards,

Juanmi

4 REPLIES 4
ozkanaltas
Valued Contributor III

Hello @jmhalegre ,

 

You can use that topology except for one thing. If you want to use the FortiLink interface on the firewall, you need to use a physical port for FortiLink.

 

After that, you just need to configure it to pass the 4094 vlan on the Dell switch. Vlan 4094 default FortiLink vlan's. If you want to change this vlan you can use these commands.

 

 

config system interface
    edit <fortilink interface>
        set fortilink enable
        set switch-controller-mgmt-vlan <integer>
    next
end

 

Or you can use FortiLink over Layer 3 network mode. 

 

https://docs.fortinet.com/document/fortiswitch/7.4.2/fortilink-guide/801182/fortilink-mode-over-a-la...

 

 

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
jmhalegre

Hi @ozkanaltas,

 

One doubt, if we change the Vlan 4094 in FortiGate for vlan 4084, I understand that it will be necessary to make the change in the FortiSwitch as follows:

 

config switch auto-network
set mgmt-vlan 4084
set status enable
end

 

config switch global
fortilink-p2p-native-vlan 4084

 

and in the Dell create the Vlan 4084 and pass it tagged by the Trunk, correct?

 

I understand, that the interface that I must connect to the Dell Switch "Fortigate Port A to Switch Dell" for the discovery of the switches, must be the interface "Fortilink // Dedicated to Fortiswitch"?

 

The scenario would look like this:

 

FortiGate_Dell_Fortiswitch.jpg

 

Thanks & Best Regards,

Juanmi

 

ozkanaltas
Valued Contributor III

Hello @jmhalegre ,

 

This configuration should work except for one thing. You need to configure 4084 vlan on Dell eth1/1/12 port.

 

Also, In my opinion, you don't need a p2p configuration. You can try both scenarios. 

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
jmhalegre

Perfect!!!!!,

Thanks for the info, on Monday I will do some tests and I will let you know the results.

 

Thanks & Best Regards,

Juanmi

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors