Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
mAineAc
New Contributor

Created on ‎03-21-2023 07:26 AM

Fortigate vxlan cannot add system vlan interface to switch

I have two 80F fortigates that i am trying to lab vxlan on for production. One system is on 7.2.4 and the other is on 7.2.2. Following the documentation it says to add the vlan interface and the vxlan interface to the switch for the last step. On the 7.2.2 version it has the vlan system interfaces available to add to the switch. These are identical configs on each side I have them set up as policy based and vlan switch mnode. Not sure if this is a bug, but I am using this guide to set up the vxlan

Labels:
1529
0 Kudos
4 REPLIES 4
mAineAc
New Contributor

Created on ‎03-22-2023 05:50 AM

So I upgraded the device on version 7.2.2 to see if that makes a difference and it did not. I still only have the options for the vlan interfaces and not the physical interfaces to be able to add for the system switch--interface. I also tried deleting and recreating the vlan interfaces on the one that was originally on 7.2.4 but that did not make a difference either. 

1511
0 Kudos
funkylicious
SuperUser
SuperUser
In response to mAineAc

Created on ‎03-22-2023 07:19 AM

I think it's a mistake in the guide and a virtual-wire-pair is created, because in a software-switch you can add only physical interfaces,

 

config system switch-interface

  edit TEST

  set member
     *interface-name Physical interface name.

"jack of all trades, master of none"
"jack of all trades, master of none"
1507
0 Kudos
mAineAc
New Contributor
In response to funkylicious

Created on ‎03-22-2023 07:19 PM

This is the config in one:

 

LAB-17 # show system switch-interface
config system switch-interface
edit "OES-SW1"
set vdom "root"
set member "vlan253" "vxlan253"
next
end

LAB-17 #

 

and I do not have the option to add the physical interfaces

 

On the other system it lets me add the vxlan interface but the internal6 is no longer available after removing

 

LAB-16 # conf system switch-interface

LAB-16 (switch-interface) # edit OES-SW1

LAB-16 (OES-SW1) # set member
*interface-name Physical interface name.
OES-ME-VXLAN interface
internal5 interface

LAB-16 (OES-SW1) # set member

 

1498
0 Kudos
jm-barreto
New Contributor III

Created on ‎03-13-2025 01:07 PM

Check if the interface that you try to add is referenced on other part of the configuration. If the interface is use on other things like in a firewall rule, if it have and ip or a address object attached to the interface it will not be available to add to the softswitch. 

JBC
JBC
69
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.