Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • New Features

    6.2.0
    7.6.0
    7.4.0
    7.2.0
    7.0.0
    6.4.0
    6.2.0

    FortiLink Auto Network Configuration Policy

    FortiLink Auto Network Configuration Policy

    In 6.0, FortiLink supports automatic network detection and configuration. As links can automatically appear and disappear, this presents challenges for customization because administrators can only select the default QoS policy which is applied to all FortiSwitch units in the network. In some cases, this is enough, but larger and more complex topologies require more flexibility.

    In 6.2, the Switch Controller introduces a network auto-config option, which contains configurable defaults, policy customization, and an individual interface override. This gives administrators simple and flexible control.

    Following is a description of these options:

    auto-config default Provides the default actions for the first hop (fgt-policy) and lower-tier devices (isl-policy).
    auto-config policy A database containing policies that can be applied as a system-wide default or to a specific interface.
    auto-config custom Allows for the override of the auto-config default on a specific interface. This information is retained and is reapplied if an interface leaves and then is rediscovered.
    To configure automatic network detection:
    1. Create or modify an auto-config policy: 
      config switch-controller auto-config  policy 
    edit test123 
        get
            name                : test123
            qos-policy          : default      <== leverage the default qos-policy
            storm-control-policy: auto-config  <== leverage auto-config storm-control-policy by default
            poe-status          : enable       <== If target of auto-config is poe port, keep poe-status enabled by default
    next
end
    2. Designate an auto-config policy to FortiLink, ISL, or ICL on Managed FortiSwitches. 
      config switch-controller auto-config default 
    get
        fgt-policy          : test123 
        isl-policy          : test123 
        icl-policy          : test123 
    set  ?
        fgt-policy    Default FortiLink auto-config policy.
        isl-policy    Default ISL auto-config policy.
        icl-policy    Default ICL auto-config policy.
end
    3. Customize an auto-config policy for a specific FGT, ICL, or ISL interface. 
      config switch-controller auto-config custom 
    edit ? 
      *name    Auto-Config FortiLink or ISL/ICL interface name.
    edit G5H0E391790XXXX
      new entry 'G5H0E391790XXXX' added
        config switch-binding 
            edit ?
              *switch-id    Switch name.
            edit S524DN4K1500XXXX
              new entry 'S524DN4K1500XXXX' added
                get
                    switch-id           : S524DN4K1500XXXX
                    policy              : default 
            next
        end
    next
end
    Previous
    Next

    FortiLink Auto Network Configuration Policy

    FortiLink Auto Network Configuration Policy

    In 6.0, FortiLink supports automatic network detection and configuration. As links can automatically appear and disappear, this presents challenges for customization because administrators can only select the default QoS policy which is applied to all FortiSwitch units in the network. In some cases, this is enough, but larger and more complex topologies require more flexibility.

    In 6.2, the Switch Controller introduces a network auto-config option, which contains configurable defaults, policy customization, and an individual interface override. This gives administrators simple and flexible control.

    Following is a description of these options:

    auto-config default Provides the default actions for the first hop (fgt-policy) and lower-tier devices (isl-policy).
    auto-config policy A database containing policies that can be applied as a system-wide default or to a specific interface.
    auto-config custom Allows for the override of the auto-config default on a specific interface. This information is retained and is reapplied if an interface leaves and then is rediscovered.
    To configure automatic network detection:
    1. Create or modify an auto-config policy: 
      config switch-controller auto-config  policy 
    edit test123 
        get
            name                : test123
            qos-policy          : default      <== leverage the default qos-policy
            storm-control-policy: auto-config  <== leverage auto-config storm-control-policy by default
            poe-status          : enable       <== If target of auto-config is poe port, keep poe-status enabled by default
    next
end
    2. Designate an auto-config policy to FortiLink, ISL, or ICL on Managed FortiSwitches. 
      config switch-controller auto-config default 
    get
        fgt-policy          : test123 
        isl-policy          : test123 
        icl-policy          : test123 
    set  ?
        fgt-policy    Default FortiLink auto-config policy.
        isl-policy    Default ISL auto-config policy.
        icl-policy    Default ICL auto-config policy.
end
    3. Customize an auto-config policy for a specific FGT, ICL, or ISL interface. 
      config switch-controller auto-config custom 
    edit ? 
      *name    Auto-Config FortiLink or ISL/ICL interface name.
    edit G5H0E391790XXXX
      new entry 'G5H0E391790XXXX' added
        config switch-binding 
            edit ?
              *switch-id    Switch name.
            edit S524DN4K1500XXXX
              new entry 'S524DN4K1500XXXX' added
                get
                    switch-id           : S524DN4K1500XXXX
                    policy              : default 
            next
        end
    next
end
    Previous
    Next