I don't think there is any way to swap "internal" hard-switch interface to an individual interface like "internal1" without any interruption to LAN connections if it's already in production/service. The internal interface config needs to be moved only internal1, which can be done only after you remove it from internal. So either you have to step by step:
1. remove IP config from internal
2. remove internal1 from "config sys virtual-switch"->"edit internal"
3. configure the same IP on internal1
Or download the config file, make those changes on the file, then restore/upload the config file and wait the FGT to reboot with the new config.
Removing the "internal" hard-switch completely can be done any time afterward.
This system is being configured - not yet in production.
This system is connected to the production LAN and is accessed using an on-site computer which I'm accessing remotely. Physical access is inconvenient.
The Console interface is available. So, at least some interim CLI-based configuration could be done. My limitation right now is knowing how to do each thing that's needed.
It can also be configured to be accessed via a WAN connection. Perhaps that's my best approach so I can use the GUI. But, if you might list the few commands needed with the CLI, that would be appreciated.
Right. Thank you!! I have it done now. But for others, this won't remove the switch, only the internal1 interface. And, the switch will need to have 2 remaining interfaces in order to delete internal1.
To remove the switch (and the 2+ interfaces from within it) I believe this does it:
I guess I just repeated what you said. You have to have 2, including the removing one. I meant only 1 needed after you removed the one. Or, you could have removed the internal hard-switch first after confirming it was not referred by any other parts of config by like "show | grep -f internal". Then configure internal1 or whatever you want to use.
From FortiOS 7 you can have switches with no members, and a good alternative could be to use a CLI script to perfom all changes needed. When you upload and run a CLI script all changes will be runned at the same time and you don´t need to do one line at the time :)
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.