Setting Up Fortigate Interface Mode and Soft-Switch

Often times it is advantageous to divide up the internal swtich into individual interfaces.  Reasons for doing this include additioanl hardware port for routing, or additional ports to implement one-arm sniffers.  The following are some of the commands necessary to accomplish this.

To put a FortiGate in Interface mode:

config system global
set internal-switch-mode interface

To create a software-switch

config system switch-interface
edit name (example SW1-3)
set member internal1 internal2 internal3 (the names may be different depending on firmware and model,  you can use the tab key to scroll through valid names)..
set vdom root
next
end

To assign an IP address and management access to the software-switch

config system interface
edit SW1-3
set ip address and mask (example 192.168.1.1 255.255.255.0)
set allowaccess ping https ssh
next
end

For IT Support and InfoSec services in the Dayton, Ohio area please visit our web site at www.quanexus.com

 

This entry was posted in IT (Informatin Technology). Bookmark the permalink.

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>