I just took over the previous IT person and I was wondering if someone could guide me in how to enable to WEB-GUI on my S248EF.
FortiLink Interface
Link | UP |
Port Speed | Auto-Negotiation |
Type | 802.3ad Aggregate |
IPv4 Addresses | 169.254.1.1/24 |
Members | A B |
Managed Devices | FortiSwitch |
DHCP Clients | 1 |
Security Fabric Connection | YES |
I tried to connect physically using the mgmn cable setting my PC ip address as
169.254.1.2
255.255.255.0
169.254.1.1
But still, no success.
I am new with FortiSwitches and I would REALLY appreciate any help.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi @zergling
This FSW model has a physical mgmt port with default IP address of 192.168.1.99/24 you can connect your management computer to this port and assign an IP address on the same broadcast domain.
If the switch is manage through FortiLink you really don't need to login to the GUI and make changes because these changes are not pushed to FortiGate and the next time FortiGate make make an API call to it the local config may be lost.
REF: Admin Guide https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/e6a256ac-202f-11e9-b6f6-f8bc12...
Abdel
NSE4,5x2,6x2,7x4
Created on 09-22-2023 07:23 AM Edited on 09-22-2023 07:24 AM
Hello anignan,
FortiLink
Firewall ---------------------> Switch (S248EF)
So, if I have understood correctly, the Switch is managed via FortiLink through the Firewall.
Therefore, there is no need to do any modifications via the Switch WEB-GUI because of the risks that you mentioned (API call).
At this point my question is... What if the current switch die on me?
Can I can just replace it with the same exact model S248EF and I am ready to go?
This is what is worrying me.
Could you please let me know?
P.S. Thank you so very much for helping me out. I really appreciated it.
Hi @zergling
If the switch dies the config will still be on the FortiGate you just need to adjust the SN on the firewall config under "config switch-controller managed-switch"...
Check this link: https://docs.fortinet.com/document/fortiswitch/7.0.8/devices-managed-by-fortios/173284/replacing-a-m...
Abdel
NSE4,5x2,6x2,7x4
Created on 09-22-2023 08:15 AM Edited on 09-22-2023 09:11 AM
Hello @anignan
I just tried again to connect to the MGMT port via an Ethernet cable without success.
Management computer:
IP address: 192.168.1.2
Netmask: 255.255.255.0
Default gateway: 192.168.1.1
Preferred DNS server:
Alternate DNS server:
Switch
FortiSwitch-Main # show system interface
config system interface
edit "mgmt"
set allowaccess ping https ssh
set type physical
set snmp-index 55
next
edit "internal"
set mode dhcp
set allowaccess ping https ssh
set type physical
set snmp-index 54
set defaultgw enable
next
edit "rspan"
set mode dhcp
set allowaccess ping
set snmp-index 57
set vlanid 4092
set interface "internal"
next
end
Is it possible that the IT person before me, disabled the MGMT and/or changed the default IP Address?
Thank you for the info. Now I feel more confident in case my Switch dies on me.
Created on 09-22-2023 07:59 AM Edited on 09-22-2023 08:02 AM
The replacement procedure is explained here in details: https://docs.fortinet.com/document/fortiswitch/7.0.8/devices-managed-by-fortios/173284/replacing-a-m...
Depending on the way they are set up there are some extra step to follow and lastly:
execute replace-device fortiswitch <failed_FortiSwitch_serial_number> <replacement_FortiSwitch_serial_number>
Created on 09-22-2023 09:45 AM Edited on 09-22-2023 09:47 AM
Hello @anignan
In the steps in how to replace a Switch, it says:
To replace a managed FortiSwitch unit when split ports are not enabled:
....
....
To replace a managed FortiSwitch unit when split ports are enabled:
...
...
So, I was wondering... How do I check from my FortiGate if the Switch has split ports enabled/disabled?
So, the day my Switch dies, I know which part to follow.
I hope I was able to answer your question.
Hi @zergling
AFIK no spilt port is only supported on FSW data center model 1000 and 3000 series.
Abdel
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1692 | |
1087 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.