Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Dan_Eng52
Contributor II

Created on ‎11-13-2025 06:59 AM

FortiSwitch Port Flapping

Hi all,

 

I hope you're well. 

 

I'm currently investigating some connectivity issues users are reporting on AVD displaying 'Paused Connection'. At this site, we're running FortiSwitch 448E-FPOE's and in the system events I am seeing many 'port has come up' and 'port has come down' logs.

 

Screenshot 2025-11-13 144026.jpg

 

I've reviewed the spanning-tree instance and confirmed that it is stable, root bridge is correct, no recent TCN's and no high usage of system resources (CPU/Memory) noted. There are no FCS errors or any other stats on the physical ports that would suggest faulty cables. 

 

All ports connect to Cisco IP phones and from the logs it looks like the physical port flaps first which then triggered STP port status changes. I'm going to test bypassing the phone and connecting the PC directly to our FortiSwitch to rule out the phone causing the issue but wanted to know if there are any other troubleshooting steps I can take to identify the route cause. 

 

Many thanks, 
Dan. 

Labels:
192
0 Kudos
5 REPLIES 5
Anthony_E
Community Manager
Community Manager

Created on ‎11-16-2025 10:26 PM

Hello Dan,


Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.


Thanks,

Anthony-Fortinet Community Team.
128
0 Kudos
Jean-Philippe_P
Moderator
Moderator

Created on ‎11-18-2025 06:15 AM

Hello,

 

We are still looking for an answer to your question.

 

We will come back to you ASAP.

Regards,
Jean-Philippe - Fortinet Community Team
119
0 Kudos
Jean-Philippe_P
Moderator
Moderator

Created on ‎11-19-2025 04:57 AM

Hello Dan,

 

I found this solution. Can you tell us if it helps, please?

 

To further troubleshoot the connectivity issues and port flapping on your FortiSwitch, consider the following steps:

  1. Verify Cable and Transceiver Health: Use the command diagnose switch physical-ports cable-diag <port-name> on the FortiSwitch to check for any cable issues such as open circuits or shorts.

  2. Check for MAC Address Flapping: Use the command diagnose switch mac-addr list to check for frequent MAC address moves, which could indicate Layer 2 loops or issues with the connected devices.

  3. Review Event Logs: Use execute log display on the FortiSwitch to review detailed event logs for any patterns or anomalies that might indicate the cause of the port flaps.

  4. Analyze Port Statistics: Use diag switch physical-ports port-stats list <port number> to monitor for any incrementing errors or CRC errors on the ports.

  5. Test with Different Devices: As you mentioned, bypass the IP phones and connect PCs directly to the FortiSwitch to see if the issue persists, which can help isolate the problem to the phones or the switch.

  6. Check Power Supply: Ensure that the power supply to the FortiSwitch and connected devices is stable and not causing intermittent connectivity issues.

By following these steps, you should be able to gather more information to identify the root cause of the connectivity issues.

Regards,
Jean-Philippe - Fortinet Community Team
105
0 Kudos
AGoodOne
New Contributor
In response to Jean-Philippe_P

Created on ‎11-21-2025 02:55 AM

Hi Jean-Philippe_P,

 

We are experiencing the exact same issue on our FortiSwitch-426E-FPOE's, but not with Cisco IP phones but with FortiAP devices connected. We have been trying to get this resolved with FortiSupport for months now, but they seem to be at a loss as to what causes the ports to go down.
At first we also thought Spanning-Tree to be the issue, but ruled that out after some testing. In this (and our) case STP reacts to the port going down. The question is: WHY does it go down? The logging does not tell.

I'm testing your 6 steps and the only step I do not really understand is step 2. What is a good and what is a bad output for this command?
I get a list of 81 entries but cannot seem to interperate what is OK and what not?

76
0 Kudos
Jean-Philippe_P
Moderator
Moderator
In response to AGoodOne

Created on ‎11-21-2025 03:01 AM

Hello AGoodOne,

 

I found this answer for you:

 

When using the command diagnose switch mac-addr list on a FortiSwitch, you are checking for MAC address flapping, which can indicate network instability. Here's how to interpret the output:

  1. Good Output:

    • Each MAC address should be associated with a single port.
    • The list should remain stable over time, with minimal changes.

  2. Bad Output:

    • If you see the same MAC address appearing on multiple ports frequently, this indicates MAC address flapping.
    • Frequent changes in the MAC address table can suggest a loop or a misconfiguration in the network.

If you observe MAC address flapping, it could be due to network loops, incorrect VLAN configurations, or faulty network devices. Ensure that your network topology is correctly configured and that there are no redundant paths without proper loop prevention mechanisms like STP.

 

Does it help you?

Regards,
Jean-Philippe - Fortinet Community Team
66
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.