Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
zergling
New Contributor II

FortiSwitch Unable to Access WEB GUI

I just took over the previous IT person and I was wondering if someone could guide me in how to enable to WEB-GUI on my S248EF.

 

FortiLink Interface

LinkUP
Port SpeedAuto-Negotiation
Type802.3ad Aggregate
IPv4 Addresses169.254.1.1/24
Members A B
Managed DevicesFortiSwitch
DHCP Clients1
Security Fabric Connection YES

 

 

 

I tried to connect physically using the mgmn cable setting my PC ip address as 

 

169.254.1.2

255.255.255.0

169.254.1.1

 

But still, no success.

I am new with FortiSwitches and I would REALLY appreciate any help.

12 REPLIES 12
anignan
Staff
Staff

Hi @zergling 

This FSW model has a physical mgmt port with default IP address of 192.168.1.99/24 you can connect your management computer to this port and assign an IP address on the same broadcast domain. 

If the switch is manage through FortiLink you really don't need to login to the GUI and make changes because these changes are not pushed to FortiGate and the next time FortiGate make make an API call to it the local config may be lost.

 

REF: Admin Guide https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/e6a256ac-202f-11e9-b6f6-f8bc12...

 

Abdel

NSE4,5x2,6x2,7x4

zergling
New Contributor II

Hello anignan,

 

                   FortiLink

Firewall ---------------------> Switch (S248EF)

 

So, if I have understood correctly, the Switch is managed via FortiLink through the Firewall.

 

Therefore, there is no need to do any modifications via the Switch WEB-GUI because of the risks that you mentioned (API call).

 

At this point my question is... What if the current switch die on me?

Can I can just replace it with the same exact model S248EF and I am ready to go?

 

This is what is worrying me.

 

Could you please let me know?

 

P.S. Thank you so very much for helping me out. I really appreciated it.

anignan

Hi @zergling 

 

If the switch dies the config will still be on the FortiGate you just need to adjust the SN on the firewall config under "config switch-controller managed-switch"...

 

Check this link: https://docs.fortinet.com/document/fortiswitch/7.0.8/devices-managed-by-fortios/173284/replacing-a-m...

 

Abdel

NSE4,5x2,6x2,7x4

zergling
New Contributor II

Hello @anignan 

 

I just tried again to connect to the MGMT port via an Ethernet cable without success. 

 

Management computer:

IP address: 192.168.1.2

Netmask: 255.255.255.0

Default gateway: 192.168.1.1

 

Preferred DNS server:

Alternate DNS server:

 

 

Switch

 

 

FortiSwitch-Main # show system interface
config system interface
    edit "mgmt"
        set allowaccess ping https ssh
        set type physical
        set snmp-index 55
    next
    edit "internal"
        set mode dhcp
        set allowaccess ping https ssh
        set type physical
        set snmp-index 54
        set defaultgw enable
    next
    edit "rspan"
        set mode dhcp
        set allowaccess ping
        set snmp-index 57
        set vlanid 4092
        set interface "internal"
    next
end

 

 

 

 

 

 

 

Is it possible that the IT person before me, disabled the MGMT and/or changed the default IP Address?

 

Thank you for the info. Now I feel more confident in case my Switch dies on me.

 

ebilcari

The replacement procedure is explained here in details: https://docs.fortinet.com/document/fortiswitch/7.0.8/devices-managed-by-fortios/173284/replacing-a-m...

Depending on the way they are set up there are some extra step to follow and lastly:

execute replace-device fortiswitch <failed_FortiSwitch_serial_number> <replacement_FortiSwitch_serial_number> 
- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
zergling
New Contributor II

Hello @anignan @ebilcari ,

 

Is there a way to check from my FortiGate if the Switch has split ports enabled/disabled?

 

Is in situation like this one that I would love to have the WEB-GUI working on the Switch.

anignan

Hi @zergling 

 

What do you mean by this? spilt port to increase port density?

 

Abdel

zergling
New Contributor II

Hello @anignan 

 

In the steps in how to replace a Switch, it says:

 

To replace a managed FortiSwitch unit when split ports are not enabled:

....

....

To replace a managed FortiSwitch unit when split ports are enabled:

...

...

 

So, I was wondering... How do I check from my FortiGate if the Switch has split ports enabled/disabled?

 

So, the day my Switch dies, I know which part to follow.

 

I hope I was able to answer your question.

 

 

anignan

Hi @zergling 

 

AFIK no spilt port is only supported on FSW data center model 1000 and 3000 series.

 

Abdel

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors