Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Itaid
New Contributor

Created on ‎12-23-2024 12:36 AM

Vlan and Trunk

vlan.jpg

Best Way to configure Fortinet 60f as per given topology. In this topology every Lan5 -Lan 7 is connected to L2 manageable switches. All client devices are connected through these L2 switches.  What will be the best possible configuration?

Labels:
613
0 Kudos
10 REPLIES 10
ebilcari
Staff
Staff

Created on ‎12-23-2024 12:50 AM

This will depend, are these Fortiswitches, do you need to span same VLANs through all the switches, is there any throughput requirement for horizontal traffic?

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
538
0 Kudos
Itaid
New Contributor
In response to ebilcari

Created on ‎12-23-2024 01:01 AM

No these are not Fortiswitches, they may be any other switches from different vendors such as cisco, ruijie etc. I need all VLANs through all switches and no throughput requirement.

531
0 Kudos
ebilcari
Staff
Staff
In response to Itaid

Created on ‎12-23-2024 01:07 AM

The easiest way could be creating a hardware switch with these 4 interfaces and create VLANs on top of it, like this:

vlan-ex.PNG

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
526
0 Kudos
Itaid
New Contributor
In response to ebilcari

Created on ‎12-23-2024 01:31 AM

you are using software switch in above diagram. Is hardware switch and software switch same?

506
0 Kudos
ebilcari
Staff
Staff
In response to Itaid

Created on ‎12-23-2024 02:19 AM

Currently I have access to a FGT VM that doesn't support a HW SW :)

From the configuration perspective is the same, but there are differences and using a hardware switch is recommended in FGT models that support it. In the section of the guide here there is a table that list the differences.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
486
0 Kudos
Itaid
New Contributor
In response to Itaid

Created on ‎12-23-2024 01:13 AM

There is no option of hardware switch in some models. I'm not sure if it is available in 60F or not!

518
0 Kudos
ebilcari
Staff
Staff
In response to Itaid

Created on ‎12-23-2024 01:23 AM

Based on the Hardware Acceleration guide and its architecture, this model should support hardware switch.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
511
0 Kudos
Toshi_Esumi
SuperUser
SuperUser

Created on ‎12-23-2024 09:29 AM

By the way, the 60F doesn't have LAN6-8. It has 1-5 LAN port, a/b fortilink ports, and DMZ port. So you have to utilize a/b and DMZ as LAN6-8 if LAN1-5 are pre-occupied.
All of them are under the same switching fabric so you can bind them into a hardware-switch(or VLAN switch by default) once you removed a and b from fortilink.
https://docs.fortinet.com/document/fortigate/7.6.1/hardware-acceleration/758378/fortigate-60f-and-61...

Toshi

385
0 Kudos
Itaid
New Contributor
In response to Toshi_Esumi

Created on ‎12-24-2024 01:32 AM

Yes indeed, port 1-5 is free and not occupied. So we can use 1-5 instead of 6-8.Can you please elaborate with example or  configuration of using vlan switch?

342
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.