Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
IkkIMagna
New Contributor

assign port of lan FortiGate 60F

Dear All,

 

 

I have set firewall FortiGate 60F  V7.05

 

from 

Technical Tip: How to create a VLAN tagged interface (802.1q) on a FortiGate - tagged/untagged traffic

 

in forum

 

There is Lan 1 only...

I want to separete differnet port 1 for vlan 1, port 2 for vlan2

but it show lan for total...

 

Please advise...

ThxLan1Lan1want to seprate vlanwant to seprate vlan

 

IkkI
IkkI
1 Solution
pminarik

There is a cheeky way to remove one interface directly, without having to dismantle the soft-switch first:

 

  1. Open the "lan" switch interface.
  2. Notice the URL: /ng/interface/edit/lan
  3. Rewrite the URL to the name of the hw-switch and open the new URL: /ng/interface/edit/internal
  4. You should be in the GUI editor of the "internal" HW switch, and you should be able to remove the internal1/2/etc members as desired.

Apart from this, it should also still be possible to pop it out via CLI, if I remember correctly:

 

 

config system virtual switch
    edit internal
    config port
        delete internal2
    end
end

 

 

 

[ corrections always welcome ]

View solution in original post

8 REPLIES 8
akristof
Staff
Staff

Hello,

I think your internal port is vlan switch that has all other ports internal1-internal5 as a members. So you would need to remove internal2 port from that vlan switch and then you can create VLAN under that physical interface.

Adrian
IkkIMagna

IkkIMagna_1-1657697733283.png

 

IkkIMagna_2-1657697871197.png

 

 

 

That is what I want to do....

I want to change  internal  port as you say,

I also find that internal contain menbers port 1 — port 5

Pls advise how to remove port2?

IkkI
IkkI
akristof

Hello,

Based on the screenshot you have software-switch that has the member your internal hardware-switch. You would need to remove this hardware switch from software-switch first and then you should be able to remove internal2 from hardware-switch. But in order to do this, you will need to remove current references for that Magna_Lan1 interface.

Adrian
IkkIMagna

If I remove softeware switches, can I access router from lan?

 

On the other hand, there are a lot Ref. relate to Software switches already. It quick difficult to remove it...

IkkI
IkkI
akristof

Hello,

You will not be. Because no port will be assigned to your software-switch. So you would need to connect either via console (you would need to do all changed via CLI) or via different port, for example wan port. And then play with LAN ports.

Adrian
IkkIMagna

is it possibe add Wan2 interface menber in Magna_lan1,(as the same time, plug lan line from wan2 to hardware switch)

Then, remove "internal" from interface menber in Magna_lan1?

 

 

 

After this, should "internal" can be display and edit???

IkkI
IkkI
akristof

Hello,

Yes, it should be. But be careful. When you are going to do this kind of action, always have backup plan, in this case have console cable available in case you will need to configure something via CLI.

Adrian
pminarik

There is a cheeky way to remove one interface directly, without having to dismantle the soft-switch first:

 

  1. Open the "lan" switch interface.
  2. Notice the URL: /ng/interface/edit/lan
  3. Rewrite the URL to the name of the hw-switch and open the new URL: /ng/interface/edit/internal
  4. You should be in the GUI editor of the "internal" HW switch, and you should be able to remove the internal1/2/etc members as desired.

Apart from this, it should also still be possible to pop it out via CLI, if I remember correctly:

 

 

config system virtual switch
    edit internal
    config port
        delete internal2
    end
end

 

 

 

[ corrections always welcome ]
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors