Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Flamba
New Contributor

FWF-60E Software Switch , how to remove a port from "internal"

I am setting up a fortiwifi 60e  V6.0.8 build 0303 and i have a strange problem with network interfaces.

I find a single "software switch" that i have never used. This switch software has internal and wifi members.

From the internal member i want to remove a port, for example the 7, but i can't.  I am going crazy . Does anyone know how to do? Thank' to all.

 

FROM CLI: Connected

FWF60 # config system virtual-switch FWF60 (virtual-switch) # show config system virtual-switch edit "internal" set physical-switch "sw0" config port edit "internal1" next edit "internal2" next edit "internal3" next edit "internal4" next edit "internal5" next edit "internal6" next edit "internal7" next end next end

1 Solution
rwpatterson
Valued Contributor III

Just shooting from the hip here. Have you tried

 

   config system virtual-switch     edit "internal"     set physical-switch "sw0"     config port ? The question mark at the end should give you options on what you can do from there.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

View solution in original post

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
7 REPLIES 7
rwpatterson
Valued Contributor III

Just shooting from the hip here. Have you tried

 

   config system virtual-switch     edit "internal"     set physical-switch "sw0"     config port ? The question mark at the end should give you options on what you can do from there.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
emnoc
Esteemed Contributor III

Actual go into the config port sub-section and delete the interface

 

homefgt (port) # delete 

*All    members of physical switch sw0:

 

current members of lan

 

lan1   

lan2   

lan3   

lan4   

lan5   

 

homefgt (port) # delete 

 

Ken Felix

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
Dave_Hall

Screenshot shows 4 references to the lan interface.  I suspect that's at least a firewall policy (or 2), DHCP server reference, hardware switch(?), and perhaps an active admin login.  Don't have a fgt in front of me atm to test this, but I am assuming you won't be able to change members on that Internal switch while an admin is connected through it.

 

Of course, as a last ditch effect, you always could load the config into a text editor and manually remove "internal7" from the switch.

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
Flamba

After a break i'm back on the Fortigate! 

 

from the cli you saw above, i simply gave a delete "internal7" and the problem was solved!

 

now i have internal7 free !!!!!!!!!!! 

 

Thank you all as always, i hope this is useful to others users. 

example to delete the internal6 from CLI: Connected

FWF60 # config system virtual-switch FWF60 (virtual-switch) # edit "internal" FWF60 (internal) # set physical-switch "sw0" FWF60 (internal) # config port FWF60 (port) # show config port edit "internal1" next edit "internal2" next edit "internal3" next edit "internal4" next edit "internal5" next edit "internal6" next end FWF60 (port) # delete "internal6" FWF60 (port) # end FWF60 (internal) # end

Toshi_Esumi

By the way, in case somebody found this thread in his/her search effort in the future, this "config sys virtual-switch" is so-called hard-switch configuration. Not soft-switch in the subject line (config sys switch-interface). Any FWF has a soft-switch (mostly "lan") by default including this "internal" hard-switch interface and "wifi" interface. And this thread is about how to remove one interface out of "internal" hard-switch interface.

Just don't get confused.

zballa
New Contributor

Or you could have go to Network/Interfaces, double click on Internal under Hardware Switch and click on the black x next to the interface you want to get out of the switch. I use the CLI a lot, but sometimes the GUI is better.

BNDP
New Contributor

You can edit the Internal switch interfaces and after that, u can see in the interface members all the ports are available with 'X' symbol. So you can select which port u want to remove and click on 'X' symbol. Then it will become an independent port. 

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors