config switch-controller managed-switch
|
This command is available for model(s): FortiGate 1000D, FortiGate 100D, FortiGate 100EF, FortiGate 100E, FortiGate 100F, FortiGate 101E, FortiGate 101F, FortiGate 1100E, FortiGate 1101E, FortiGate 1200D, FortiGate 140D-POE, FortiGate 140D, FortiGate 140E-POE, FortiGate 140E, FortiGate 1500DT, FortiGate 1500D, FortiGate 2000E, FortiGate 200E, FortiGate 201E, FortiGate 2200E, FortiGate 2201E, FortiGate 2500E, FortiGate 3000D, FortiGate 300D, FortiGate 300E, FortiGate 301E, FortiGate 30E 3G4G GBL, FortiGate 30E 3G4G INTL, FortiGate 30E 3G4G NAM, FortiGate 30E, FortiGate 3100D, FortiGate 3200D, FortiGate 3300E, FortiGate 3301E, FortiGate 3400E, FortiGate 3401E, FortiGate 3600E, FortiGate 3601E, FortiGate 3700D, FortiGate 3800D, FortiGate 3810D, FortiGate 3815D, FortiGate 3960E, FortiGate 3980E, FortiGate 400D, FortiGate 400E Bypass, FortiGate 400E, FortiGate 401E, FortiGate 40F 3G4G, FortiGate 40F, FortiGate 500D, FortiGate 500E, FortiGate 501E, FortiGate 50E, FortiGate 51E, FortiGate 52E, FortiGate 600D, FortiGate 600E, FortiGate 601E, FortiGate 60E DSLJ, FortiGate 60E DSL, FortiGate 60E-POE, FortiGate 60E, FortiGate 60F, FortiGate 61E, FortiGate 61F, FortiGate 800D, FortiGate 80E-POE, FortiGate 80E, FortiGate 80F Bypass, FortiGate 80F-POE, FortiGate 80F, FortiGate 81E-POE, FortiGate 81E, FortiGate 81F-POE, FortiGate 81F, FortiGate 900D, FortiGate 90E, FortiGate 91E, FortiGate 92D, FortiGate-VM64, FortiGateRugged 30D, FortiGateRugged 35D, FortiGateRugged 60F 3G4G, FortiGateRugged 60F, FortiGateRugged 90D, FortiWiFi 30E 3G4G INTL, FortiWiFi 30E 3G4G NAM, FortiWiFi 30E, FortiWiFi 40F 3G4G, FortiWiFi 40F, FortiWiFi 50E 2R, FortiWiFi 50E, FortiWiFi 51E, FortiWiFi 60E DSLJ, FortiWiFi 60E DSL, FortiWiFi 60E, FortiWiFi 60F, FortiWiFi 61E, FortiWiFi 61F, FortiWiFi 80F 2R, FortiWiFi 81F 2R-POE, FortiWiFi 81F 2R. It is not available for: FortiGate 5001D, FortiGate 5001E1, FortiGate 5001E. |
Configure FortiSwitch devices that are managed by this FortiGate.
config switch-controller managed-switch
Description: Configure FortiSwitch devices that are managed by this FortiGate.
edit <switch-id>
config 802-1X-settings
Description: Configuration method to edit FortiSwitch 802.1X global settings.
set link-down-auth [set-unauth|no-action]
set local-override [enable|disable]
set max-reauth-attempt {integer}
set reauth-period {integer}
end
set access-profile {string}
config custom-command
Description: Configuration method to edit FortiSwitch commands to be pushed to this FortiSwitch device upon rebooting the FortiGate switch controller or the FortiSwitch.
edit <command-entry>
set command-name {string}
next
end
set delayed-restart-trigger {integer}
set description {string}
set directly-connected {integer}
set dynamic-capability {integer}
set dynamically-discovered {integer}
set flow-identity {user}
set fsw-wan1-admin [discovered|disable|...]
set fsw-wan1-peer {string}
config igmp-snooping
Description: Configure FortiSwitch IGMP snooping global settings.
set aging-time {integer}
set flood-unknown-multicast [enable|disable]
set local-override [enable|disable]
end
set mclag-igmp-snooping-aware [enable|disable]
config mirror
Description: Configuration method to edit FortiSwitch packet mirror.
edit <name>
set dst {string}
set src-egress <name1>, <name2>, ...
set src-ingress <name1>, <name2>, ...
set status [active|inactive]
set switching-packet [enable|disable]
next
end
set name {string}
set override-snmp-community [enable|disable]
set override-snmp-sysinfo [disable|enable]
set override-snmp-trap-threshold [enable|disable]
set override-snmp-user [enable|disable]
set owner-vdom {string}
set poe-detection-type {integer}
set poe-lldp-detection [enable|disable]
set poe-pre-standard-detection [enable|disable]
config ports
Description: Managed-switch port list.
edit <port-name>
set allowed-vlans <vlan-name1>, <vlan-name2>, ...
set allowed-vlans-all [enable|disable]
set arp-inspection-trust [untrusted|trusted]
set bundle [enable|disable]
set description {string}
set dhcp-snoop-option82-trust [enable|disable]
set dhcp-snooping [untrusted|trusted]
set discard-mode [none|all-untagged|...]
set edge-port [enable|disable]
set export-tags <tag-name1>, <tag-name2>, ...
set export-to {string}
set export-to-pool {string}
set fgt-peer-device-name {string}
set fgt-peer-port-name {string}
set fiber-port {integer}
set flags {integer}
set fortilink-port {integer}
set igmp-snooping [enable|disable]
set igmps-flood-reports [enable|disable]
set igmps-flood-traffic [enable|disable]
set isl-local-trunk-name {string}
set isl-peer-device-name {string}
set isl-peer-port-name {string}
set lacp-speed [slow|fast]
set learning-limit {integer}
set lldp-profile {string}
set lldp-status [disable|rx-only|...]
set loop-guard [enabled|disabled]
set loop-guard-timeout {integer}
set mac-addr {mac-address}
set max-bundle {integer}
set mclag [enable|disable]
set member-withdrawal-behavior [forward|block]
set members <member-name1>, <member-name2>, ...
set min-bundle {integer}
set mode [static|lacp-passive|...]
set packet-sample-rate {integer}
set packet-sampler [enabled|disabled]
set poe-capable {integer}
set poe-pre-standard-detection [enable|disable]
set poe-status [enable|disable]
set port-number {integer}
set port-owner {string}
set port-prefix-type {integer}
set port-security-policy {string}
set port-selection-criteria [src-mac|dst-mac|...]
set qos-policy {string}
set sample-direction [tx|rx|...]
set sflow-counter-interval {integer}
set speed [10half|10full|...]
set stacking-port {integer}
set status [up|down]
set sticky-mac [enable|disable]
set storm-control-policy {string}
set stp-bpdu-guard [enabled|disabled]
set stp-bpdu-guard-timeout {integer}
set stp-root-guard [enabled|disabled]
set stp-state [enabled|disabled]
set switch-id {string}
set type [physical|trunk]
set untagged-vlans <vlan-name1>, <vlan-name2>, ...
set vlan {string}
next
end
set pre-provisioned {integer}
config remote-log
Description: Configure logging by FortiSwitch device to a remote syslog server.
edit <name>
set csv [enable|disable]
set facility [kernel|user|...]
set port {integer}
set server {string}
set severity [emergency|alert|...]
set status [enable|disable]
next
end
config snmp-community
Description: Configuration method to edit Simple Network Management Protocol (SNMP) communities.
edit <id>
set events {option1}, {option2}, ...
config hosts
Description: Configure IPv4 SNMP managers (hosts).
edit <id>
set ip {user}
next
end
set name {string}
set query-v1-port {integer}
set query-v1-status [disable|enable]
set query-v2c-port {integer}
set query-v2c-status [disable|enable]
set status [disable|enable]
set trap-v1-lport {integer}
set trap-v1-rport {integer}
set trap-v1-status [disable|enable]
set trap-v2c-lport {integer}
set trap-v2c-rport {integer}
set trap-v2c-status [disable|enable]
next
end
config snmp-sysinfo
Description: Configuration method to edit Simple Network Management Protocol (SNMP) system info.
set contact-info {string}
set description {string}
set engine-id {string}
set location {string}
set status [disable|enable]
end
config snmp-trap-threshold
Description: Configuration method to edit Simple Network Management Protocol (SNMP) trap threshold values.
set trap-high-cpu-threshold {integer}
set trap-log-full-threshold {integer}
set trap-low-memory-threshold {integer}
end
config snmp-user
Description: Configuration method to edit Simple Network Management Protocol (SNMP) users.
edit <name>
set auth-proto [md5|sha]
set auth-pwd {password}
set priv-proto [aes|des]
set priv-pwd {password}
set queries [disable|enable]
set query-port {integer}
set security-level [no-auth-no-priv|auth-no-priv|...]
next
end
set staged-image-version {string}
config static-mac
Description: Configuration method to edit FortiSwitch Static and Sticky MAC.
edit <id>
set description {string}
set interface {string}
set mac {mac-address}
set type [static|sticky]
set vlan {string}
next
end
config storm-control
Description: Configuration method to edit FortiSwitch storm control for measuring traffic activity using data rates to prevent traffic disruption.
set broadcast [enable|disable]
set local-override [enable|disable]
set rate {integer}
set unknown-multicast [enable|disable]
set unknown-unicast [enable|disable]
end
config stp-instance
Description: Configuration method to edit Spanning Tree Protocol (STP) instances.
edit <id>
set priority [0|4096|...]
next
end
config stp-settings
Description: Configuration method to edit Spanning Tree Protocol (STP) settings used to prevent bridge loops.
set forward-time {integer}
set hello-time {integer}
set local-override [enable|disable]
set max-age {integer}
set max-hops {integer}
set name {string}
set pending-timer {integer}
set revision {integer}
end
set switch-device-tag {string}
config switch-log
Description: Configuration method to edit FortiSwitch logging settings (logs are transferred to and inserted into the FortiGate event log).
set local-override [enable|disable]
set severity [emergency|alert|...]
set status [enable|disable]
end
set switch-profile {string}
set type [virtual|physical]
set version {integer}
next
end
config switch-controller managed-switch
|
Parameter |
Description |
Type |
Size |
|||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
access-profile |
FortiSwitch access profile. |
string |
Maximum length: 31 |
|||||||||
|
delayed-restart-trigger |
Delayed restart triggered for this FortiSwitch. |
integer |
Minimum value: 0 Maximum value: 255 |
|||||||||
|
description |
Description. |
string |
Maximum length: 63 |
|||||||||
|
directly-connected |
Directly connected FortiSwitch. Read-only. |
integer |
Minimum value: 0 Maximum value: 1 |
|||||||||
|
dynamic-capability |
List of features this FortiSwitch supports (not configurable) that is sent to the FortiGate device for subsequent configuration initiated by the FortiGate device. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||
|
dynamically-discovered |
Dynamically discovered FortiSwitch. Read-only. |
integer |
Minimum value: 0 Maximum value: 1 |
|||||||||
|
flow-identity |
Flow-tracking netflow ipfix switch identity in hex format(00000000-FFFFFFFF default=0). |
user |
Not Specified |
|||||||||
|
fsw-wan1-admin |
FortiSwitch WAN1 admin status; enable to authorize the FortiSwitch as a managed switch. |
option |
- |
|||||||||
|
|
|
|||||||||||
|
fsw-wan1-peer |
Fortiswitch WAN1 peer port. |
string |
Maximum length: 35 |
|||||||||
|
mclag-igmp-snooping-aware |
Enable/disable MCLAG IGMP-snooping awareness. |
option |
- |
|||||||||
|
|
|
|||||||||||
|
name |
Managed-switch name. |
string |
Maximum length: 35 |
|||||||||
|
override-snmp-community |
Enable/disable overriding the global SNMP communities. |
option |
- |
|||||||||
|
|
|
|||||||||||
|
override-snmp-sysinfo |
Enable/disable overriding the global SNMP system information. |
option |
- |
|||||||||
|
|
|
|||||||||||
|
override-snmp-trap-threshold |
Enable/disable overriding the global SNMP trap threshold values. |
option |
- |
|||||||||
|
|
|
|||||||||||
|
override-snmp-user |
Enable/disable overriding the global SNMP users. |
option |
- |
|||||||||
|
|
|
|||||||||||
|
owner-vdom |
VDOM which owner of port belongs to. |
string |
Maximum length: 31 |
|||||||||
|
poe-detection-type |
PoE detection type for FortiSwitch. Read-only. |
integer |
Minimum value: 0 Maximum value: 255 |
|||||||||
|
poe-lldp-detection |
Enable/disable PoE LLDP detection. |
option |
- |
|||||||||
|
|
|
|||||||||||
|
poe-pre-standard-detection |
Enable/disable PoE pre-standard detection. |
option |
- |
|||||||||
|
|
|
|||||||||||
|
pre-provisioned |
Pre-provisioned managed switch. |
integer |
Minimum value: 0 Maximum value: 255 |
|||||||||
|
staged-image-version |
Staged image version for FortiSwitch. |
string |
Maximum length: 127 |
|||||||||
|
switch-device-tag |
User definable label/tag. |
string |
Maximum length: 32 |
|||||||||
|
switch-id |
Managed-switch id. |
string |
Maximum length: 16 |
|||||||||
|
switch-profile |
FortiSwitch profile. |
string |
Maximum length: 35 |
|||||||||
|
type |
Indication of switch type, physical or virtual. |
option |
- |
|||||||||
|
|
|
|||||||||||
|
version |
FortiSwitch version. |
integer |
Minimum value: 0 Maximum value: 255 |
|||||||||
config 802-1X-settings
|
Parameter |
Description |
Type |
Size |
|||||||
|---|---|---|---|---|---|---|---|---|---|---|
|
link-down-auth |
Authentication state to set if a link is down. |
option |
- |
|||||||
|
|
|
|||||||||
|
local-override |
Enable to override global 802.1X settings on individual FortiSwitches. |
option |
- |
|||||||
|
|
|
|||||||||
|
max-reauth-attempt |
Maximum number of authentication attempts (0 - 15, default = 3). |
integer |
Minimum value: 0 Maximum value: 15 |
|||||||
|
reauth-period |
Reauthentication time interval (1 - 1440 min, default = 60, 0 = disable). |
integer |
Minimum value: 0 Maximum value: 1440 |
|||||||
config custom-command
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
command-entry |
List of FortiSwitch commands. |
string |
Maximum length: 35 |
|
command-name |
Names of commands to be pushed to this FortiSwitch device, as configured under config switch-controller custom-command. |
string |
Maximum length: 35 |
config igmp-snooping
|
Parameter |
Description |
Type |
Size |
|||||||
|---|---|---|---|---|---|---|---|---|---|---|
|
aging-time |
Maximum time to retain a multicast snooping entry for which no packets have been seen (15 - 3600 sec, default = 300). |
integer |
Minimum value: 15 Maximum value: 3600 |
|||||||
|
flood-unknown-multicast |
Enable/disable unknown multicast flooding. |
option |
- |
|||||||
|
|
|
|||||||||
|
local-override |
Enable/disable overriding the global IGMP snooping configuration. |
option |
- |
|||||||
|
|
|
|||||||||
config mirror
|
Parameter |
Description |
Type |
Size |
|||||||
|---|---|---|---|---|---|---|---|---|---|---|
|
dst |
Destination port. |
string |
Maximum length: 63 |
|||||||
|
name |
Mirror name. |
string |
Maximum length: 63 |
|||||||
|
src-egress |
Source egress interfaces. Interface name. |
string |
Maximum length: 79 |
|||||||
|
src-ingress |
Source ingress interfaces. Interface name. |
string |
Maximum length: 79 |
|||||||
|
status |
Active/inactive mirror configuration. |
option |
- |
|||||||
|
|
|
|||||||||
|
switching-packet |
Enable/disable switching functionality when mirroring. |
option |
- |
|||||||
|
|
|
|||||||||
config ports
|
Parameter |
Description |
Type |
Size |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
allowed-vlans |
Configure switch port tagged vlans VLAN name. |
string |
Maximum length: 79 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
allowed-vlans-all |
Enable/disable all defined vlans on this port. |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
arp-inspection-trust |
Trusted or untrusted dynamic ARP inspection. |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
bundle |
Enable/disable Link Aggregation Group (LAG) bundling for non-FortiLink interfaces. |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
description |
Description for port. |
string |
Maximum length: 63 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
dhcp-snoop-option82-trust |
Enable/disable allowance of DHCP with option-82 on untrusted interface. |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
dhcp-snooping |
Trusted or untrusted DHCP-snooping interface. |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
discard-mode |
Configure discard mode for port. |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
edge-port |
Enable/disable this interface as an edge port, bridging connections between workstations and/or computers. |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
export-tags |
Configure export tag(s) for FortiSwitch port when exported to a virtual pool. FortiSwitch port tag name when exported to a virtual pool. |
string |
Maximum length: 63 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
export-to |
Export managed-switch port to a tenant VDOM. |
string |
Maximum length: 31 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
export-to-pool |
Switch controller export port to pool-list. |
string |
Maximum length: 35 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
fgt-peer-device-name |
FGT peer device name. Read-only. |
string |
Maximum length: 16 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
fgt-peer-port-name |
FGT peer port name. Read-only. |
string |
Maximum length: 15 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
fiber-port |
Fiber-port. Read-only. |
integer |
Minimum value: 0 Maximum value: 1 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
flags |
Port properties flags. Read-only. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
fortilink-port |
FortiLink uplink port. Read-only. |
integer |
Minimum value: 0 Maximum value: 1 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
igmp-snooping |
Set IGMP snooping mode for the physical port interface. |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
igmps-flood-reports |
Enable/disable flooding of IGMP reports to this interface when igmp-snooping enabled. |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
igmps-flood-traffic |
Enable/disable flooding of IGMP snooping traffic to this interface. |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
isl-local-trunk-name |
ISL local trunk name. Read-only. |
string |
Maximum length: 15 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
isl-peer-device-name |
ISL peer device name. Read-only. |
string |
Maximum length: 16 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
isl-peer-port-name |
ISL peer port name. Read-only. |
string |
Maximum length: 15 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
lacp-speed |
end Link Aggregation Control Protocol (LACP) messages every 30 seconds (slow) or every second (fast). |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
learning-limit |
Limit the number of dynamic MAC addresses on this Port (1 - 128, 0 = no limit, default). |
integer |
Minimum value: 0 Maximum value: 128 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
lldp-profile |
LLDP port TLV profile. |
string |
Maximum length: 63 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
lldp-status |
LLDP transmit and receive status. |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
loop-guard |
Enable/disable loop-guard on this interface, an STP optimization used to prevent network loops. |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
loop-guard-timeout |
Loop-guard timeout (0 - 120 min, default = 45). |
integer |
Minimum value: 0 Maximum value: 120 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
mac-addr |
Port/Trunk MAC. |
mac-address |
Not Specified |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
max-bundle |
Maximum size of LAG bundle (1 - 24, default = 24) |
integer |
Minimum value: 1 Maximum value: 24 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
mclag |
Enable/disable multi-chassis link aggregation (MCLAG). |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
member-withdrawal-behavior |
Port behavior after it withdraws because of loss of control packets. |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
members |
Aggregated LAG bundle interfaces. Interface name from available options. |
string |
Maximum length: 79 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
min-bundle |
Minimum size of LAG bundle (1 - 24, default = 1) |
integer |
Minimum value: 1 Maximum value: 24 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
mode |
LACP mode: ignore and do not send control messages, or negotiate 802.3ad aggregation passively or actively. |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
packet-sample-rate |
Packet sampling rate (0 - 99999 p/sec). |
integer |
Minimum value: 0 Maximum value: 99999 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
packet-sampler |
Enable/disable packet sampling on this interface. |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
poe-capable |
PoE capable. |
integer |
Minimum value: 0 Maximum value: 1 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
poe-pre-standard-detection |
Enable/disable PoE pre-standard detection. |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
poe-status |
Enable/disable PoE status. |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
port-name |
Switch port name. |
string |
Maximum length: 15 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
port-number |
Port number. Read-only. |
integer |
Minimum value: 1 Maximum value: 64 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
port-owner |
Switch port name. |
string |
Maximum length: 15 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
port-prefix-type |
Port prefix type. Read-only. |
integer |
Minimum value: 0 Maximum value: 1 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
port-security-policy |
Switch controller authentication policy to apply to this managed switch from available options. |
string |
Maximum length: 31 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
port-selection-criteria |
Algorithm for aggregate port selection. |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
qos-policy |
Switch controller QoS policy from available options. |
string |
Maximum length: 63 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
sample-direction |
Packet sampling direction. |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
sflow-counter-interval |
sFlow sampling counter polling interval (0 - 255 sec). |
integer |
Minimum value: 0 Maximum value: 255 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
speed |
Switch port speed; default and available settings depend on hardware. |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
stacking-port |
Stacking port. Read-only. |
integer |
Minimum value: 0 Maximum value: 1 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
status |
Switch port admin status: up or down. |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
sticky-mac |
Enable or disable sticky-mac on the interface. |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
storm-control-policy |
Switch controller storm control policy from available options. |
string |
Maximum length: 63 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
stp-bpdu-guard |
Enable/disable STP BPDU guard on this interface. |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
stp-bpdu-guard-timeout |
BPDU Guard disabling protection (0 - 120 min). |
integer |
Minimum value: 0 Maximum value: 120 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
stp-root-guard |
Enable/disable STP root guard on this interface. |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
stp-state |
Enable/disable Spanning Tree Protocol (STP) on this interface. |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
switch-id |
Switch id. Read-only. |
string |
Maximum length: 16 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
type |
Interface type: physical or trunk port. |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
untagged-vlans |
Configure switch port untagged vlans VLAN name. |
string |
Maximum length: 79 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
vlan |
Assign switch ports to a VLAN. |
string |
Maximum length: 15 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
config remote-log
|
Parameter |
Description |
Type |
Size |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
csv |
Enable/disable comma-separated value (CSV) strings. |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
facility |
Facility to log to remote syslog server. |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
name |
Remote log name. |
string |
Maximum length: 35 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
port |
Remote syslog server listening port. |
integer |
Minimum value: 0 Maximum value: 65535 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
server |
IPv4 address of the remote syslog server. |
string |
Maximum length: 63 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
severity |
Severity of logs to be transferred to remote log server. |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
status |
Enable/disable logging by FortiSwitch device to a remote syslog server. |
option |
- |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
config snmp-community
|
Parameter |
Description |
Type |
Size |
|||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
events |
SNMP notifications (traps) to send. |
option |
- |
|||||||||||||
|
|
|
|||||||||||||||
|
id |
SNMP community ID. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||||
|
name |
SNMP community name. |
string |
Maximum length: 35 |
|||||||||||||
|
query-v1-port |
SNMP v1 query port (default = 161). |
integer |
Minimum value: 0 Maximum value: 65535 |
|||||||||||||
|
query-v1-status |
Enable/disable SNMP v1 queries. |
option |
- |
|||||||||||||
|
|
|
|||||||||||||||
|
query-v2c-port |
SNMP v2c query port (default = 161). |
integer |
Minimum value: 0 Maximum value: 65535 |
|||||||||||||
|
query-v2c-status |
Enable/disable SNMP v2c queries. |
option |
- |
|||||||||||||
|
|
|
|||||||||||||||
|
status |
Enable/disable this SNMP community. |
option |
- |
|||||||||||||
|
|
|
|||||||||||||||
|
trap-v1-lport |
SNMP v2c trap local port (default = 162). |
integer |
Minimum value: 0 Maximum value: 65535 |
|||||||||||||
|
trap-v1-rport |
SNMP v2c trap remote port (default = 162). |
integer |
Minimum value: 0 Maximum value: 65535 |
|||||||||||||
|
trap-v1-status |
Enable/disable SNMP v1 traps. |
option |
- |
|||||||||||||
|
|
|
|||||||||||||||
|
trap-v2c-lport |
SNMP v2c trap local port (default = 162). |
integer |
Minimum value: 0 Maximum value: 65535 |
|||||||||||||
|
trap-v2c-rport |
SNMP v2c trap remote port (default = 162). |
integer |
Minimum value: 0 Maximum value: 65535 |
|||||||||||||
|
trap-v2c-status |
Enable/disable SNMP v2c traps. |
option |
- |
|||||||||||||
|
|
|
|||||||||||||||
config hosts
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
id |
Host entry ID. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|
ip |
IPv4 address of the SNMP manager (host). |
user |
Not Specified |
config snmp-sysinfo
|
Parameter |
Description |
Type |
Size |
|||||||
|---|---|---|---|---|---|---|---|---|---|---|
|
contact-info |
Contact information. |
string |
Maximum length: 35 |
|||||||
|
description |
System description. |
string |
Maximum length: 35 |
|||||||
|
engine-id |
Local SNMP engine ID string (max 24 char). |
string |
Maximum length: 24 |
|||||||
|
location |
System location. |
string |
Maximum length: 35 |
|||||||
|
status |
Enable/disable SNMP. |
option |
- |
|||||||
|
|
|
|||||||||
config snmp-trap-threshold
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
trap-high-cpu-threshold |
CPU usage when trap is sent. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|
trap-log-full-threshold |
Log disk usage when trap is sent. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|
trap-low-memory-threshold |
Memory usage when trap is sent. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
config snmp-user
|
Parameter |
Description |
Type |
Size |
|||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
auth-proto |
Authentication protocol. |
option |
- |
|||||||||
|
|
|
|||||||||||
|
auth-pwd |
Password for authentication protocol. |
password |
Not Specified |
|||||||||
|
name |
SNMP user name. |
string |
Maximum length: 32 |
|||||||||
|
priv-proto |
Privacy (encryption) protocol. |
option |
- |
|||||||||
|
|
|
|||||||||||
|
priv-pwd |
Password for privacy (encryption) protocol. |
password |
Not Specified |
|||||||||
|
queries |
Enable/disable SNMP queries for this user. |
option |
- |
|||||||||
|
|
|
|||||||||||
|
query-port |
SNMPv3 query port (default = 161). |
integer |
Minimum value: 0 Maximum value: 65535 |
|||||||||
|
security-level |
Security level for message authentication and encryption. |
option |
- |
|||||||||
|
|
|
|||||||||||
config static-mac
|
Parameter |
Description |
Type |
Size |
|||||||
|---|---|---|---|---|---|---|---|---|---|---|
|
description |
Description. |
string |
Maximum length: 63 |
|||||||
|
id |
Id |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||
|
interface |
Interface name. |
string |
Maximum length: 35 |
|||||||
|
mac |
MAC address. |
mac-address |
Not Specified |
|||||||
|
type |
Type. |
option |
- |
|||||||
|
|
|
|||||||||
|
vlan |
Vlan. |
string |
Maximum length: 15 |
|||||||
config storm-control
|
Parameter |
Description |
Type |
Size |
|||||||
|---|---|---|---|---|---|---|---|---|---|---|
|
broadcast |
Enable/disable storm control to drop broadcast traffic. |
option |
- |
|||||||
|
|
|
|||||||||
|
local-override |
Enable to override global FortiSwitch storm control settings for this FortiSwitch. |
option |
- |
|||||||
|
|
|
|||||||||
|
rate |
Rate in packets per second at which storm traffic is controlled (1 - 10000000, default = 500). Storm control drops excess traffic data rates beyond this threshold. |
integer |
Minimum value: 1 Maximum value: 10000000 |
|||||||
|
unknown-multicast |
Enable/disable storm control to drop unknown multicast traffic. |
option |
- |
|||||||
|
|
|
|||||||||
|
unknown-unicast |
Enable/disable storm control to drop unknown unicast traffic. |
option |
- |
|||||||
|
|
|
|||||||||
config stp-instance
|
Parameter |
Description |
Type |
Size |
|||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
id |
Instance ID. |
string |
Maximum length: 2 |
|||||||||||||||||||||||||||||||||||
|
priority |
Priority. |
option |
- |
|||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||
config stp-settings
|
Parameter |
Description |
Type |
Size |
|||||||
|---|---|---|---|---|---|---|---|---|---|---|
|
forward-time |
Period of time a port is in listening and learning state (4 - 30 sec, default = 15). |
integer |
Minimum value: 4 Maximum value: 30 |
|||||||
|
hello-time |
Period of time between successive STP frame Bridge Protocol Data Units (BPDUs) sent on a port (1 - 10 sec, default = 2). |
integer |
Minimum value: 1 Maximum value: 10 |
|||||||
|
local-override |
Enable to configure local STP settings that override global STP settings. |
option |
- |
|||||||
|
|
|
|||||||||
|
max-age |
Maximum time before a bridge port saves its configuration BPDU information (6 - 40 sec, default = 20). |
integer |
Minimum value: 6 Maximum value: 40 |
|||||||
|
max-hops |
Maximum number of hops between the root bridge and the furthest bridge (1- 40, default = 20). |
integer |
Minimum value: 1 Maximum value: 40 |
|||||||
|
name |
Name of local STP settings configuration. |
string |
Maximum length: 31 |
|||||||
|
pending-timer |
Pending time (1 - 15 sec, default = 4). |
integer |
Minimum value: 1 Maximum value: 15 |
|||||||
|
revision |
STP revision number (0 - 65535). |
integer |
Minimum value: 0 Maximum value: 65535 |
|||||||
config switch-log
|
Parameter |
Description |
Type |
Size |
|||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
local-override |
Enable to configure local logging settings that override global logging settings. |
option |
- |
|||||||||||||||||||
|
|
|
|||||||||||||||||||||
|
severity |
Severity of FortiSwitch logs that are added to the FortiGate event log. |
option |
- |
|||||||||||||||||||
|
|
|
|||||||||||||||||||||
|
status |
Enable/disable adding FortiSwitch logs to the FortiGate event log. |
option |
- |
|||||||||||||||||||
|
|
|
|||||||||||||||||||||