I want to turn off Lockdown ISL on Fortigate firewall, but it automatically turns back on. How can I turn it off?
I found this in the Fortigate library, but I didn't have much success.
https://docs.fortinet.com/document/fortiswitch/7.2.6/fortilink-guide/173260/configuring-fortilink
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi @Gumo ,
Can use the CLI command
#diagnose switch-controller switch-recommendations fabric-lockdown-disable
If you have found a solution, please like and mark it as solved to make it easily accessible for everyone.
I tried and got success, but it is still open, do I need to restart the firewall?
Created on 10-30-2024 09:12 AM Edited on 10-30-2024 09:13 AM
Hi @Gumo ,
No need to restart the firewall after running that command.
Thank you,
Hi @Gumo ,
I can see that you have only one FortiSwitch connected. The Lockdown ISL option applies only to ISL or ICL links. If the FortiGate does not detect any ISL or ICL the command "diagnose switch-controller switch-recommendations fabric-lockdown-disable" returns successful but the option remains enabled. That is expected.
If you have more than one FortiSwitch and at least one ISL or ICL, then you should be able to disable that option (either from GUI or CLI).
Thank you,
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1665 | |
1077 | |
752 | |
446 | |
220 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.