I've got 2 FSW 248d connected via fortilink to FWF60. Fortilink is setup on 2 ports set as Hardware switch. To this hardware switch i've setup a number of vlans. On version 6.2 FortiOS i can setup forti link on 2 ports running as aggregate. My question is: Is there a way to change interface type "Hardware switch" to aggregate, without loosing vlan config?
In case you have not tried this or anyone else is wondering how to do this. You could try saving an unencrypted config file, open the config file in a text editor, change the type from "set type hard-switch" to set type aggregate", save and load the config back onto the Fortigate.
It would probably fail. Because the hard-switch (config sys virtual-switch) with the same name still exists in the config. The Fortigate wouldn't like the conflicting config. You have to remove it as well.
I made these changes including removing the virtual-switch reference. Everything worked except for the FortiAPs (FAP) that are connected to the FortiSwitch (FS). The FAPs are visible to the FortiGate (FG) through device discovery. However, the FAPs are not connecting to the Wireless Controller of the FG. The APs power up with their default IPs of 192.168.1.2 and I can log into the AP at that IP address, the AP cycles through a few states searching states but never finds the controller. It appears the APs worked for about 1 week after making the change from switch to aggregate on the FortiLink (FL) interface. I assume it worked last week because the APs still had IP addresses assigned from the previous config and when they went to renew, they could not get a new assignment. They are assigned to an FL VLAN that has a DCHP server active on it and that is working for other devices through the FS. Fabric is enabled on the FL interface. They do show up as unauthorized on the FG if they are removed, then when authorized they go offline and stay that way. An AP will connect to the controller when connected directly to the FG. Does anyone have any ideas as to what might be happening here?
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.