- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
FortiSwitch FortiLink Trunk Question
Good day,
I was wondering if the FortiLink aggregation interface could be used as a trunk with a non-Fortinet switch. By default, ports x3 and x4 of the 200F are dedicated FortiLink ports. I would like to run ports x3 and x4 to an existing Cisco switch, soon to be replaced by two aggregate FortiSwitches.
I was hoping to set up all of the VLANs on the FortiLink interface to have them ready for when we move the connections over to the FortiSwitches. I'm hoping that traffic will still route out over the trunk properly when using FortiLink connections connected to a non-Fortinet switch.
Thank you,
FortiBagel
#FortiSwitch
#FortiLink
Solved! Go to Solution.
- Labels:
-
FortiLink
-
FortiSwitch
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If you were to trunk the VLANs for the cisco switch, you would create VLAN interfaces differently than you would FortiSwitch VLANs. You create FortiSwitch VLANs through the switch controller but you create any other kind of VLAN through a switch interface.
At the end of the day, you'll still have to create the VLANs on the switch controller so you may as well just do them both. I wouldn't use the default fortilink interfaces for the cisco switch if you don't have to. Reason being is that you would have to unconfigure the fortilink and then re-configure those interfaces as an aggregate interface. Leave it as fortilink so you can just plug the fortiswitch in and then you can delete the switch interface that you used for the cisco switch along with vlans you created on it.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @FortiBagel ,
You can use all interfaces as a normal interface even FortiLink.
But my advice is if you have other interfaces for the trunk links. You can add these interfaces in the zone. After the switch replacement, you just need to change members of the zone. Rules automatically applied after this replacement to new trunks.
NSE 4-5-6-7 OT Sec - ENT FW
Created on 03-21-2024 07:24 AM Edited on 03-21-2024 07:30 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I won't be removing the interfaces from the FortiLink LAG, as I'll be using the FortiLink LAG containing ports x3 and x4 with the new FortiSwitches. My plan is to connect x3 and x4 to my Cisco switches, keeping all VLANs on the FortiLink interface so that they will be in-place on FortiLink when I cut over to FortiSwitches. I'm hoping that despite being on a Cisco switch and not a FortiSwitch, it will still trunk traffic as expected. When the cutover time arrives, I'll move interfaces from the 200F x3, x4 <> Cisco to 200F x3, x4 <> FortiSwitch. Any thoughts on if traffic will flow as expected while connected to the Cisco switch?
Thank you so much for your reply!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Fortilink vlan and normal vlan configuration is not same. Because of that you can't use this scenario. Because of that, i gave advise about zone
NSE 4-5-6-7 OT Sec - ENT FW
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If you were to trunk the VLANs for the cisco switch, you would create VLAN interfaces differently than you would FortiSwitch VLANs. You create FortiSwitch VLANs through the switch controller but you create any other kind of VLAN through a switch interface.
At the end of the day, you'll still have to create the VLANs on the switch controller so you may as well just do them both. I wouldn't use the default fortilink interfaces for the cisco switch if you don't have to. Reason being is that you would have to unconfigure the fortilink and then re-configure those interfaces as an aggregate interface. Leave it as fortilink so you can just plug the fortiswitch in and then you can delete the switch interface that you used for the cisco switch along with vlans you created on it.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Great information, thank you so much! I think what I may do is trunk the FortiGate to the FortiSwitch via FortiLink, and uplink the core Cisco switch & configure trunking there until I get everything switched over.