Fortinet black logo

CLI Reference

system switch-interface

Configure software switch interfaces by grouping physical and WiFi interfaces.

  config system switch-interface
      Description: Configure software switch interfaces by grouping physical and WiFi interfaces.
      edit <name>
          set vdom {string}
          set span-dest-port {string}
          set span-source-port <interface-name1>, <interface-name2>, ...
          set member <interface-name1>, <interface-name2>, ...
          set type [switch|hub]
          set intra-switch-policy [implicit|explicit]
          set span [disable|enable]
          set span-direction [rx|tx|...]
      next
  end

config system switch-interface

Parameter Name Description Type Size
vdom VDOM that the software switch belongs to. string Maximum length: 31
span-dest-port SPAN destination port name. All traffic on the SPAN source ports is echoed to the SPAN destination port. string Maximum length: 15
span-source-port <interface-name> Physical interface name. Port spanning echoes all traffic on the SPAN source ports to the SPAN destination port.
Physical interface name.
string Maximum length: 79
member <interface-name> Names of the interfaces that belong to the virtual switch.
Physical interface name.
string Maximum length: 79
type Type of switch based on functionality: switch for normal functionality, or hub to duplicate packets to all port members.
switch: Switch for normal switch functionality (available in NAT mode only).
hub: Hub to duplicate packets to all member ports.
option -
intra-switch-policy Allow any traffic between switch interfaces or require firewall policies to allow traffic between switch interfaces.
implicit: Traffic between switch members is implicitly allowed.
explicit: Traffic between switch members must match firewall policies.
option -
span Enable/disable port spanning. Port spanning echoes traffic received by the software switch to the span destination port.
disable: Disable port spanning.
enable: Enable port spanning.
option -
span-direction The direction in which the SPAN port operates, either: rx, tx, or both.
rx: Copies only received packets from source SPAN ports to the destination SPAN port.
tx: Copies only transmitted packets from source SPAN ports to the destination SPAN port.
both: Copies both received and transmitted packets from source SPAN ports to the destination SPAN port.
option -

Configure software switch interfaces by grouping physical and WiFi interfaces.

  config system switch-interface
      Description: Configure software switch interfaces by grouping physical and WiFi interfaces.
      edit <name>
          set vdom {string}
          set span-dest-port {string}
          set span-source-port <interface-name1>, <interface-name2>, ...
          set member <interface-name1>, <interface-name2>, ...
          set type [switch|hub]
          set intra-switch-policy [implicit|explicit]
          set span [disable|enable]
          set span-direction [rx|tx|...]
      next
  end

config system switch-interface

Parameter Name Description Type Size
vdom VDOM that the software switch belongs to. string Maximum length: 31
span-dest-port SPAN destination port name. All traffic on the SPAN source ports is echoed to the SPAN destination port. string Maximum length: 15
span-source-port <interface-name> Physical interface name. Port spanning echoes all traffic on the SPAN source ports to the SPAN destination port.
Physical interface name.
string Maximum length: 79
member <interface-name> Names of the interfaces that belong to the virtual switch.
Physical interface name.
string Maximum length: 79
type Type of switch based on functionality: switch for normal functionality, or hub to duplicate packets to all port members.
switch: Switch for normal switch functionality (available in NAT mode only).
hub: Hub to duplicate packets to all member ports.
option -
intra-switch-policy Allow any traffic between switch interfaces or require firewall policies to allow traffic between switch interfaces.
implicit: Traffic between switch members is implicitly allowed.
explicit: Traffic between switch members must match firewall policies.
option -
span Enable/disable port spanning. Port spanning echoes traffic received by the software switch to the span destination port.
disable: Disable port spanning.
enable: Enable port spanning.
option -
span-direction The direction in which the SPAN port operates, either: rx, tx, or both.
rx: Copies only received packets from source SPAN ports to the destination SPAN port.
tx: Copies only transmitted packets from source SPAN ports to the destination SPAN port.
both: Copies both received and transmitted packets from source SPAN ports to the destination SPAN port.
option -