hello there,
need help.
we use fortigate FG60F with firmware 7.2.4
there are 2 ports as member on Fortilink.
I want to change all members on fortilink into manual mode.
am I able to do that?
I already remove 1 port via GUI, and success. but I can't remove another port as well.
current configuration:
internal2 to internal5 already to physical interface
b already to physical interface.
hardware switch, configured as detail:
a -> role configured as "WAN"
b -> role configured as "undefined"
kindly please help
thank you
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi @papapuff ,
Here is how to change the port from auto-discovery, and default auto-discovery ports for each switch model:
thanks dbu
after we activate it, we found there is no member on fortilink.
I'm wonder and afraid, if use command:set internal-switch-mode interface
will all settings made for each interface will be deleted/reset? or only 2 members that still on group "hardware-switch"
I believe the command "set internal-switch-mode interface" , will change to interface mode and all the configuration related to this port will be lost.
To change the mode make sure that none of its interfaces are referenced in the configuraiton.
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Switch-mode-vs-interface-mode/ta-p/189832
Created on 10-09-2023 12:28 AM Edited on 10-09-2023 12:29 AM
hello,
noted on your comment.
then if such as above,
is there a way, I remove members from hardware switch via GUI?
because when I remove, system require at least 1 interface connected
Here is how i do it from CLI :
FGT (interface) # edit "fortilink"
show
FGT (fortilink) # show
config system interface
edit "fortilink"
set vdom "root"
set fortilink enable
set ip 10.255.1.1 255.255.255.0
set allowaccess ping fabric
set status down
set type aggregate
set member "port7" "port8" >>>members
set lldp-reception enable
set lldp-transmission enable
set snmp-index 14
next
end
FGT (fortilink) # unset member
FGT (fortilink) # set fortilink disable
FGT (fortilink) # show
config system interface
edit "fortilink"
set vdom "root"
set ip 10.255.1.1 255.255.255.0
set allowaccess ping fabric
set status down
set type aggregate
set lldp-reception enable
set lldp-transmission enable
set snmp-index 14
next
end
##################################
I believe you can do the same from GUI :
hello
thanks for sharing it.
unfortunately still I can't do the same way.
when remove members, system not allowed to save the configuration, need assign at least one member.
I try to change switch mode to interface mode, but get error. seems I need to delete all policies, not just policies related to those interfaces in members of hardware-switch
already escalate to fortinet support. perhaps there is a solution.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1702 | |
1092 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.