Hi!. Currently we have a FortiSwitch directly connected and managed by a FortiGate. The trunk between the FortiSwitch and the FortiGate is automatically formed by fortilink (default-auto-isl), so the name of this trunk corresponds to the serial-number of the FortiGate. The FortiGate is managed by a FortiManager.
In the event of a FortiGate failure, what would be the process to replace it? Is it necessary to apply some configuration in the FortiSwitch so that the trunk updates the name or does this change automatically?
Thanks,
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello dcbz123,
In the event of a FortiGate failure, the replacement process should be straightforward, especially if you are managing the FortiGate configuration through a FortiManager. The FortiSwitch trunk (FortiLink) will automatically update with the new FortiGate's serial number without needing manual changes.
+Make sure the new FortiGate has the same or compatible hardware and firmware version as the old one.
+Restore Configuration: This process should apply all the necessary settings, including the FortiSwitch configuration.
+The FortiSwitch configuration, including the trunk interface (FortiLink), is typically managed by the FortiGate. When you restore the FortiGate configuration , it should automatically recreate the trunk interface with the new FortiGate's serial number.
Regards,
Shilpa C.P
In addition, if you're using some custom-command to configure like QoS on the fortilink/trunk interface, you need to update the command with the new FGT's S/N after swapping the FGT. To push it to the switches, you need to reboot the FGT again.
If you didn't configure it yourself and you want to make sure if your FGT is NOT using anything like that, just search the number part of S/N in CLI with "grep". The interface name always drops the first 'F' then starts with like 'GT60FTKxxxxxxx'.
Toshi
Thanks Toshi,
I don't have custom-commands for the trunk between FGT-FSW. I have is custom-commands for switch-controller global (flan-cloud disable).
Thanks Shilpa1,
I guess I should connect the FortiSwitch only after all config have been restored to new Fortigate.
Hi Team,
In FGT failure, the switch will also go offline
I'm facing a situation where I have a FortiAP directly connected and managed by a FortiGate using a FortiLink trunk. The trunk's name corresponds to the FortiGate's serial number, established as the default-auto-isl. Now, in the unfortunate event of a FortiGate failure, I'm curious about the process to replace it smoothly. I wonder if there's a need to configure the FortiAP to ensure the trunk's name updates automatically or if it requires manual intervention.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1710 | |
1093 | |
752 | |
446 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.