- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- Re: Starting over FortiSwitch configuration at For...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Starting over FortiSwitch configuration at FortiGate
I can't easily find this part of FGT-Managed FSW operation in the guid books or somewhere else. So I decided to post this.
I was trying to figure out how to duplicate Cisco CBS switch's default QoS behaviors with FSWs and looked like I messed up config probably because I was touching both FGT and FSW config via console. So I decided to start over from scratch. Then encountered some difficulty because a simple Factory reset of those managed switches via GUI doesn't erase whatever configured under "config switch-controller". Especially under "config switch-controller managed-switch".
Even when I "Delete" each FSW at WiFi&Switch Controller->Managed FortiSwitches in GUI, the config under "config switch-controller managed-switch" stays there. And maybe because of that, I don't seem to be able to re-register/re-authorize the FSWs. In this situation, do I have to go in CLI and delete all of them one by one (or just "purge")?
Or, is there a simple button to erase all FSW related config without factory-resetting the entire FGT config?
Thanks,
Toshi
Solved! Go to Solution.
Labels:
- Labels:
-
FortiGate
-
FortiSwitch
2 Solutions
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I did that FSW factory reset first then realized it didn't cause it to disappear from the managed FSW view in GUI. That's why I asked.
But at the same time I decided to upgrade all FSWs from 7.0.6 to 7.2.4 based on TAC's recommendation through a QoS config ticket, so I ended up factoryresetting the FGT as well, and am starting over on both FGT and FSWs now.
This is just a test environment so I need to figure out how to do this in real existing FGT customer situations before we start installing FSWs to them.
For now I don't have the situation any more. Thank you for responding to me.
Toshi
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
After further testing, I opened a ticket at TAC and I got the answer to my original question. It's not a single button but a 2-step operation.
To erase what the FGT has learned and start over an FSW activation in GUI after factoryreseting the FSW is:
1) "Deauthorize" the FSW in the context menu, which would cause it to disappear from the "List" view.
2) Switch to "Topology" view and "Delete" the FSW in the context menu.
Toshi
4 REPLIES 4
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Good question. You probably have to delete from the CLI on the FortiGate.
Not sure if it makes any diffence, did you do factory reset from the FortiGate or the FortiSwitch console?
Cheers,
Graham
Graham
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I did that FSW factory reset first then realized it didn't cause it to disappear from the managed FSW view in GUI. That's why I asked.
But at the same time I decided to upgrade all FSWs from 7.0.6 to 7.2.4 based on TAC's recommendation through a QoS config ticket, so I ended up factoryresetting the FGT as well, and am starting over on both FGT and FSWs now.
This is just a test environment so I need to figure out how to do this in real existing FGT customer situations before we start installing FSWs to them.
For now I don't have the situation any more. Thank you for responding to me.
Toshi
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
After further testing, I opened a ticket at TAC and I got the answer to my original question. It's not a single button but a 2-step operation.
To erase what the FGT has learned and start over an FSW activation in GUI after factoryreseting the FSW is:
1) "Deauthorize" the FSW in the context menu, which would cause it to disappear from the "List" view.
2) Switch to "Topology" view and "Delete" the FSW in the context menu.
Toshi
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Same can be done in CLI:
config switch-controller managed-switch
edit <Serial_Number>
set fsw-wan1-admin disable
end
config switch-controller managed-switch
del <Serial_Number>
end
Related Posts
- ipv6 - internal lan interface cannot... 124 Views
- Packet duplication not done in session... 112 Views
- Connecting Two SIP Trunks with Different... 215 Views
- How to Migrate VLANs to Virtual... 240 Views
- Migration tool from Cisco Switch to... 104 Views
Labels
-
FortiGate
6,425 -
FortiClient
1,281 -
5.2
801 -
5.4
639 -
FortiManager
558 -
6.0
416 -
FortiAnalyzer
409 -
5.6
362 -
FortiSwitch
330 -
FortiAP
323 -
FortiClient EMS
259 -
6.2
251 -
FortiMail
239 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
148 -
6.4
128 -
FortiNAC
102 -
FortiGuard
102 -
FortiGateCloud
86 -
FortiSIEM
85 -
FortiCloud Products
81 -
FortiToken
69 -
Customer Service
69 -
4.0MR3
64 -
IPsec
62 -
Wireless Controller
56 -
SSL-VPN
52 -
FortiProxy
44 -
FortiADC
42 -
Fortivoice
41 -
FortiEDR
38 -
FortiGate v5.4
34 -
FortiDNS
34 -
FortiExtender
31 -
FortiSandbox
30 -
FortiSwitch v6.4
28 -
FortiConnect
23 -
SD-WAN
23 -
FortiWAN
22 -
FortiConverter
21 -
High Availability
20 -
Firewall policy
20 -
VLAN
17 -
FortiPortal
17 -
FortiSwitch v6.2
16 -
FortiGate v5.2
16 -
ZTNA
15 -
FortiMonitor
14 -
Certificate
14 -
FortiDDoS
13 -
Routing
12 -
FortiCASB
12 -
SAML
11 -
DNS
11 -
FortiGate v5.0
10 -
FortiRecorder
10 -
Interface
10 -
VDOM
10 -
FortiWeb v5.0
9 -
BGP
9 -
LDAP
9 -
FortiManager v5.0
9 -
4.0MR2
9 -
Logging
9 -
Traffic shaping
8 -
Virtual IP
8 -
RADIUS
7 -
RMA Information and Announcements
7 -
FortiSOAR
7 -
fortilink
7 -
FortiAnalyzer v5.0
7 -
Admin
7 -
FortiGate v4.0 MR3
7 -
4.0
7 -
Fortigate Cloud
6 -
NAT
6 -
IP address management - IPAM
6 -
SSID
5 -
Traffic shaping policy
5 -
Authentication
5 -
FortiBridge
5 -
SNMP
5 -
SSO
5 -
Application control
5 -
FortiAuthenticator
5 -
Static route
5 -
FortiManager v4.0
5 -
FortiDirector
4 -
SSL SSH inspection
4 -
Security profile
4 -
WAN optimization
4 -
DNS Filter
4 -
FortiCarrier
4 -
FortiCache
4 -
3.6
4 -
FortiScan
4 -
Proxy policy
4 -
packet capture
3 -
Web application firewall profile
3 -
FortiToken Cloud
3 -
Automation
3 -
DoS policy
3 -
FortiTester
3 -
OSPF
3 -
Port policy
3 -
FortiDB
3 -
IPS signature
3 -
FortiDeceptor
2 -
FortiInsight
2 -
Antivirus profile
2 -
VoIP profile
2 -
Traffic shaping profile
2 -
Web profile
2 -
FortiAP profile
2 -
Intrusion prevention
2 -
FortiAI
2 -
FortiHypervisor
2 -
Netflow
2 -
trunk
2 -
NAC policy
1 -
SDN connector
1 -
4.0MR1
1 -
Users
1 -
Subscription Renewal Policy
1 -
FortiCWP
1 -
FortiNDR
1 -
Web rating
1 -
Application signature
1 -
Authentication rule and scheme
1 -
Multicast routing
1 -
Zone
1 -
FortiManager-VM
1 -
Fabric connector
1 -
Internet Service Database
1 -
Fortinet Engage Partner Program
1 -
System settings
1 -
Explicit proxy
1 -
TACACS
1
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.