SPAN and FGT30D

Shagma · ‎10-30-2018

Hi!

According to my google searches, SPAN is supported on Fortigates with HW switch. This document: https://docs.fortinet.com/uploaded/files/3621/SWMTX-560-201704-R21.pdf suggests that a FGT30D has a hardware switch and thereby should support SPAN. Still I am not seeing the Hardware type being available from CLI when i go to config system switch-interface:

FWF30D (internal) # set type switch Switch. hub Hub.

I still tried to configure SPAN on it which it allowed me to do, but I can't get it to work:

config system switch-interface edit "internal" set member "lan1" "lan3" "lan4" set span enable set span-dest-port "lan1" set span-source-port "lan4" next

Firmware is really old at v5.2.3,build670

Any ideas? Is SPAN really supported on such low end device?

Toshi_Esumi · ‎10-30-2018

They changed the software structure some point in 5.2.x related to hardware switch config. But "config system switch-interface" is config for soft-switch.

Best chance would be upgrading it to the last 5.2, which is 5.2.13 then remove them from "switch-interface" and configure them under "config system virtual-interface" if the step-by-step upgrade process doesn't automatically convert the "internal" to hard-switch.

Toshi_Esumi · ‎10-30-2018

At least I used SPAN with FG60D or E w/ 5.4.x earlier this year. So I know for sure it works with these models.

Shagma · ‎11-01-2018

Thanks guys. Will probably try to upgrade the FW and see how it behaves.

adogra · ‎01-04-2019

Hi Guys. I'm using fortigate 200D firmware 5.4.1 in HA mode. Need to attach Darktrace appliance for network analysis and deep inspection. Could anyone please advice how if I can use fortigate 200 D and span/port mirror to another interface. 2) can I use multiple existing ports like WAN1, other ports in firewall to mirror onto 1 interface in FW. That I can use for deep inspection for appliance? 3) If yes to above query how?

SPAN and FGT30D

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website