- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Same VLAN on Multiiple Fortilink Interfaces
I have a scenario where there are two different Fortilink interfaces on a FortiGate. I need to extend a particular VLAN from the gate to both Fortilink-managed switches. Unfortunately this requires me to require a VLAN sub-interface on each Fortilink interface. One has an IP address configured and the other is just 0.0.0.0/0. I assumed, maybe incorrectly, that this would just do 802.1q and pass layer-2 between interfaces but I also know this is a firewall and that sort of behavior may not work. Can anyone confirm if this is supported? If not, is the only solution to re-architect this and reconfigure for only a single Fortilink?
- Labels:
-
FortiGate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello claydawg,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello claydawg,
This document may help you with what you need: https://docs.fortinet.com/document/fortigate/6.2.15/cookbook/454200/multiple-fortiswitches-managed-v...
Let me know if you need further help, or feel free to contact us.
Kind regards,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks, Stephen. Unfortunately I don't see anything in that docs that answers my question. I'm really hoping there is a way to make this work. I just don't see the value in FortiLink. It seems like it just makes traditional networking more difficult and restrictive.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks. This is a huge drawback of FortiLink. I understand the simplicity of it, but it really limits your ability to customize the network after the fact.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @claydawg
- Are your FSW interconnected? Do they need to be interconnected?
- Do your FSW support ICL or ISL?
- Why do you need to the VLAN to both FSW?
- Why you need to use 2 FortiLinks?
If you elaborate a bit more maybe we can help.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Why do I need to extend the same VLAN to two different switches? I can't even believe I'm being asked that question. I don't mean to be rude but this is a common practice on any network. There's no need to justify the necessity.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Depending on your design requirements this is what you may need.
By setting FortiLink over HW/SW switch should allow you via one FortiLink to have the same VLAN(s) propagated to both FSW and the same gateway visible from the managed switches.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi, I have read entire topic and still I can not believe that If I have two fortilink on fortigate, I can not have the same vlan o two FL??
So, I we build new rack on different floor, I have to continue my current fortilink from the last switch to the new rack on next floor?