Hi!
According to my google searches, SPAN is supported on Fortigates with HW switch. This document: https://docs.fortinet.com/uploaded/files/3621/SWMTX-560-201704-R21.pdf suggests that a FGT30D has a hardware switch and thereby should support SPAN. Still I am not seeing the Hardware type being available from CLI when i go to config system switch-interface:
FWF30D (internal) # set type switch Switch. hub Hub.
I still tried to configure SPAN on it which it allowed me to do, but I can't get it to work:
config system switch-interface edit "internal" set member "lan1" "lan3" "lan4" set span enable set span-dest-port "lan1" set span-source-port "lan4" next
Firmware is really old at v5.2.3,build670
Any ideas? Is SPAN really supported on such low end device?
They changed the software structure some point in 5.2.x related to hardware switch config. But "config system switch-interface" is config for soft-switch.
Best chance would be upgrading it to the last 5.2, which is 5.2.13 then remove them from "switch-interface" and configure them under "config system virtual-interface" if the step-by-step upgrade process doesn't automatically convert the "internal" to hard-switch.
At least I used SPAN with FG60D or E w/ 5.4.x earlier this year. So I know for sure it works with these models.
Thanks guys. Will probably try to upgrade the FW and see how it behaves.
Hi Guys. I'm using fortigate 200D firmware 5.4.1 in HA mode. Need to attach Darktrace appliance for network analysis and deep inspection. Could anyone please advice how if I can use fortigate 200 D and span/port mirror to another interface. 2) can I use multiple existing ports like WAN1, other ports in firewall to mirror onto 1 interface in FW. That I can use for deep inspection for appliance? 3) If yes to above query how?
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.