Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
elankeeran
New Contributor

Created on ‎08-30-2023 02:46 AM Edited on ‎08-30-2023 08:23 AM

Trunking in FSW

Just realized that the term Trunk is not the same in FSW as in Cisco. Thats why I am trying to clarify trunking between cisco and FWS.

I have a:

  • FWS
    • with just one VLAN (VLAN 10)
    • on Port3 is a computer connected:
      • native & allowed vlan 10
    • Trunk:
      • no Ling Aggression.
      • just want to use the nr port 24 to forward traffic from vlan 10 to a cisco port which is in access mode vlan 10.
  • cisco swich
    • with VLAN 9 & 11
    • on port 15 is a laptop connected:
      • mode access vlan 10
    • Trunk on port 25
      • mode trunk
      • native vlan 9
      • allowed vlan 1, 10 & 11

So my question is:

  • I know that, while trunking both switches's ports should have the same vlan as native vlan.
  • Since my cisco switch has vlan 9 as native, i configured the FSW like this:
    • edit port24
    • set native-vlan 9
    • set allowed-vlan 10
    • set stp-state enabled

I see that my traffic goes through and i can ping the laptop on my cisco switch. Am i doing it correctly ?

 

 

image.png

Labels:
296
0 Kudos
1 Solution
Toshi_Esumi
Esteemed Contributor III

Created on ‎08-30-2023 08:04 AM

Your descriptions are mismatching. If the diagram is correct, the config for port24 on the FSW should be:
config switch interface

  edit port24

    set native-vlan 9

    set allowed-vlan 10

  next

end

 

STP/MSTP is enabled by default at all ports.

 

Toshi

View solution in original post

258
3 REPLIES 3
Toshi_Esumi
Esteemed Contributor III

Created on ‎08-30-2023 08:04 AM

Your descriptions are mismatching. If the diagram is correct, the config for port24 on the FSW should be:
config switch interface

  edit port24

    set native-vlan 9

    set allowed-vlan 10

  next

end

 

STP/MSTP is enabled by default at all ports.

 

Toshi

259
Toshi_Esumi
Esteemed Contributor III
In response to Toshi_Esumi

Created on ‎08-30-2023 08:18 AM

And for the device port:
edit port3

  set native-vlan 10

next

 

You don't need to configure allowed-vlan for the native-vlan. Then this is practically the same as Cisco's "access" port with "switchport access vlan 10".

 

255
elankeeran
New Contributor
In response to Toshi_Esumi

Created on ‎08-30-2023 08:22 AM

Thank you for answering.

Yes you are right. the diagram is the corret one and the config should be like yours. Thank you.

253
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.​

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2023 Fortinet, Inc. All Rights Reserved.