Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
fortiuser9
New Contributor

Created on ‎05-01-2025 02:37 AM Edited on ‎05-01-2025 02:38 AM

Migration to Fortlink and FS1048E

Hi,

 

We currently have a HA pair of 201F Fortigates.  Currently they link to a pair of HPE FlexFabric switches using the X1 and X2 interfaces using a aggregate interface.  Under this interface are a bunch of VLAN interfaces for various networks we use.  This interface is called Briggs_INTTrunk and has an IP address assigned directly to it.  This subnet this interface sites on 172.19.0.0/21 also has a bunch of old servers on it which are a hangover from a few years ago, the servers use the firewall IP on this interface as their default gateway.  

 

The FlexFabric switches are going to be replaced with a pair of FS1048E switches configured in a MCLAG and I want to migrate to Fortilink to take advantage of the management aspect this will give us.  We also plan to replace some of the other legacy switches with FortiSwitch in due course.

 

The migration to fortilink seems to involve downloading the existing configuration and re-ording the interface definitions so the VLAN interfaces use set interface "fortilink" which I have tested on a FG60F and this seems to work fine.

 

So my question is really around the IP that is assigned to the BriggsIntTrunk interface, as this is not a VLAN interface I am assuming this is untagged and therefore how do I move this across?  I've had a couple ideas;

 

1. Create a new VLAN for the devices on this 172.19.0.0/21 network and migrate them to it

2. Move the servers onto the correct VLAN for their purpose (this is the ideal solution but will be problematic due to lack of knowledge around server use etc..)

3. Could I leave the existing aggregate interface in place just for that IP?  So there would be the fortilink and existing interfaces connecting to the 1048E switches?  I'm not sure if that would cause any issues specifically to the fortilink interface?

 

Any help would be great!  I've put a couple of screen shots below to illustrate;

 

Fortilink1.jpg

 

 

 

Fortlink2.jpg

 

Labels:
305
0 Kudos
2 REPLIES 2
Demir25
New Contributor III

Created on ‎05-02-2025 04:24 PM

Hello, yes the Briggs_IntTrunk traffic will be untagged. I am not sure here, what interfaces are members of Fortilink? X1 and X2 are normally dedicated to Fortilink and you can keep the same structure  (easily verify it with the command #show system interface). The best option would be also to create a new specific VLAN (so option 1).

255
0 Kudos
dayakma1
New Contributor

Created on ‎05-03-2025 04:38 AM

Using your picture: In order to migrate the 172.19.0.0/21 with the least infrastructure changes you would need to put it on the _default.fortilink interface. It's tagged towards the FortiGate, but as far as switching is concerned it's VLAN1.

https://omegle.onl/ vshare
https://omegle.onl/ vshare
240
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.