Hi all,
I hope you're well.
I Wonder if someone can give me some guidance on the best practice for auto-isl trunks. Once deployed and automatically established, in order to prevent the trunk configuration from being removed is there a way to disable the auto-isl or is it best to manual create the trunks?
I know with a FortiGate managed switch the "Lockdown ISL" is available which prevents the automatically created ISLs and ICLs from being accidentally deleted but in terms of a standalone deployment is there a similar command or method to achieve this?
Thanks,
Dan_Eng52
If there are few links that need to become trunk than best will be manual configuration of those trunks.
It depends on the management overhead that you will have.
I am not sure what will happen in this scenario:
-You set the trunk initially with auto-isl . Trunks are established.
-Change the config from auto to manual. Will the actual configuration be teared down or the trunks will remain operable with the auto config they got?
I have also been looking for a solution on this.
I am thinking of creating static trunks 802.3ad LACP from Fortigate of 4x1Gb connections, to a single FortiSwitch.
I tried to created the LACP trunk and profile the port on FSW. The LACP link comes up but I can never get the Fortilink to manage the switch.. It never get and IP address on the sys int on vlan 4094.
the auto ISL on individual ports for a LACP trunk automatically.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.