Hi all, 

I have 2 switches connected to 2 fortigate interfaces that forms a software switch. This software switch routes some Vlans that terminates at these ports. Both ports share layer 2 and 3 parameters. When traffic from different vlans reaches firewalls, I route traffic between then with rules.

I won't go into the details of this design, but the switches are in different locations and need to share networks/vlans.

With software switch, servers from both switches can directly reach the gateway with direct connections to the firewall. In some cases, I move virtual servers between locations (using a dedicated Fiber cable) and with this topology servers works with same network configuration in both sites.

I would like to connect a new cable between switch 1 and switch 2 to bypass traffic between same vlans but, if I do that, I'll form a layer 2 loop. (Red line diagram). What I would like if it's possible is:

1)Use 2 different ports in firewall to can route same networks/vlans (north south).

2)Add a new connection to bypass east-west traffic between same vlans (witouth routing). I don't want in any case to use spanning tree.

Is there any way to do that? Changing the software switch to another type of configuration would not be a problem.

I attach a symple diagram so you can better understand the topology. I know this is probably not possible, but I prefer to confirm with you. I can't form a LAG cause switches doesn't forms an MCLAG or stack and is not possible to form it with them.