How to disable Lockdown ISL

Gumo · ‎10-30-2024

I want to turn off Lockdown ISL on Fortigate firewall, but it automatically turns back on. How can I turn it off?

I found this in the Fortigate library, but I didn't have much success.
https://docs.fortinet.com/document/fortiswitch/7.2.6/fortilink-guide/173260/configuring-fortilink

msanjaypadma · ‎10-30-2024

Hi @Gumo ,

Can use the CLI command
#diagnose switch-controller switch-recommendations fabric-lockdown-disable

If you have found a solution, please like and mark it as solved to make it easily accessible for everyone.

Mayur Padma

Gumo · ‎10-30-2024

I tried and got success, but it is still open, do I need to restart the firewall?

fricci_FTNT · ‎10-30-2024

Hi @Gumo ,

No need to restart the firewall after running that command.

Thank you,

---
If you have found a useful article or a solution, please like and accept it to make it easily accessible to others.

fricci_FTNT · ‎10-30-2024

Hi @Gumo ,

I can see that you have only one FortiSwitch connected. The Lockdown ISL option applies only to ISL or ICL links. If the FortiGate does not detect any ISL or ICL the command "diagnose switch-controller switch-recommendations fabric-lockdown-disable" returns successful but the option remains enabled. That is expected.
If you have more than one FortiSwitch and at least one ISL or ICL, then you should be able to disable that option (either from GUI or CLI).

Thank you,

---
If you have found a useful article or a solution, please like and accept it to make it easily accessible to others.

How to disable Lockdown ISL

Nominate a Forum Post for Knowledge Article Creation