Hello everyone,
I'm new on this forum and a rookie in networking/Fortinet :)
I have a question regarding my topology with Fortilink :
I have multiple VLANs across the switches and the Fortigate is managing all the switches.
At this moment, all the internal traffic is going through the Fortigate and I'd like to change that.
I have seen that with the "Advanced license", I could set up the SW1 as L3.
My questions are :
- If I put the SW1 in standalone mode to perform as L3, can I still have all the other switches managed by the Fortigate as it is right now?
- If yes, all the internal traffic would be performed by the SW1 even if the other switches are managed by the Fortigate?
I'm all ears if there is/are other solutions.
About the config/firmware : All the links are in auto-mode / FG and FSW firmware is 7.0.1 (GA).
Thanks in advance,
GiGi.
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi,
The design should work. We can disable fortilink discovery on the switch and on FGT we can disable fortilink discovery for the switch.
SW1 will act as a router/dhcp server and other switches will be on a different network and can come online on FGT using Fortilink Over L3.
However, there are some limitations of L3 fortilink, please refer https://docs.fortinet.com/document/fortiswitch/7.0.4/devices-managed-by-fortios/801182/fortilink-mod...
Also, this may not be required but wanted to put this point- if switch is doing routing functions and depending on the network load, you may have to consider higher end switches 1xxx series. https://www.fortinet.com/content/dam/fortinet/assets/data-sheets/FortiSwitch_Data_Center_Series.pdf
Hi,
The design should work. We can disable fortilink discovery on the switch and on FGT we can disable fortilink discovery for the switch.
SW1 will act as a router/dhcp server and other switches will be on a different network and can come online on FGT using Fortilink Over L3.
However, there are some limitations of L3 fortilink, please refer https://docs.fortinet.com/document/fortiswitch/7.0.4/devices-managed-by-fortios/801182/fortilink-mod...
Also, this may not be required but wanted to put this point- if switch is doing routing functions and depending on the network load, you may have to consider higher end switches 1xxx series. https://www.fortinet.com/content/dam/fortinet/assets/data-sheets/FortiSwitch_Data_Center_Series.pdf
Hello Sachit Das,
Thanks for your reply.
I'll try to make this work then :)
Regards,
GiGi.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1547 | |
1031 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.