Fortinet black logo

Cookbook

Virtual switch support for FortiGate 300E series

Copy Link
Copy Doc ID 5be0d1a4-3f0d-11eb-96b9-00505692583a:183531
Download PDF

On the FortiGate 300E series, switch ports can be assigned to different VLANs.

To create a VLAN switch in the GUI:
  1. Go to Network > Interfaces and enable VLAN Switch Mode.

  2. Click Create New > Interface.
  3. Enter an interface name and configure the following:
    1. For Type, select VLAN Switch.
    2. (Optional) Enter a VLAN ID (range is 3900–3999).
    3. If applicable, select a Virtual Domain.
    4. Add the Interface Members.
    5. Configure the Address and Administrative Access settings as needed.
  4. Click OK.

    The new VLAN switch is visible in the interface table:

To create a VLAN switch in the CLI:
  1. Enable VLAN switch mode:
    config system global
        set virtual-switch-vlan enable
    end
  2. Create the VLAN switch. Optionally, you can assign an ID to the VLAN:

    The default ID is 0. You can use the default ID, or you can assign an ID to the VLAN (3900–3999).

    config system virtual-switch
        edit "VLAN switch"
            set physical-switch "sw0"
            set vlan 3900
            config port
                edit "port1"
                next
                edit "port3"
                next
            end
        next
    end
  3. Configure the VLAN switch interface:
    config system interface
        edit "VLAN switch"
            set vdom "vdom1"
            set ip 6.6.6.1 255.255.255.0
            set allowaccess ping https ssh snmp http fgfm
            set type hard-switch
            set snmp-index 15
        next
    end
  4. (Optional) Create a trunk interface:
    config system interface
        edit port2
            set trunk enable   
        next
    end

On the FortiGate 300E series, switch ports can be assigned to different VLANs.

To create a VLAN switch in the GUI:
  1. Go to Network > Interfaces and enable VLAN Switch Mode.

  2. Click Create New > Interface.
  3. Enter an interface name and configure the following:
    1. For Type, select VLAN Switch.
    2. (Optional) Enter a VLAN ID (range is 3900–3999).
    3. If applicable, select a Virtual Domain.
    4. Add the Interface Members.
    5. Configure the Address and Administrative Access settings as needed.
  4. Click OK.

    The new VLAN switch is visible in the interface table:

To create a VLAN switch in the CLI:
  1. Enable VLAN switch mode:
    config system global
        set virtual-switch-vlan enable
    end
  2. Create the VLAN switch. Optionally, you can assign an ID to the VLAN:

    The default ID is 0. You can use the default ID, or you can assign an ID to the VLAN (3900–3999).

    config system virtual-switch
        edit "VLAN switch"
            set physical-switch "sw0"
            set vlan 3900
            config port
                edit "port1"
                next
                edit "port3"
                next
            end
        next
    end
  3. Configure the VLAN switch interface:
    config system interface
        edit "VLAN switch"
            set vdom "vdom1"
            set ip 6.6.6.1 255.255.255.0
            set allowaccess ping https ssh snmp http fgfm
            set type hard-switch
            set snmp-index 15
        next
    end
  4. (Optional) Create a trunk interface:
    config system interface
        edit port2
            set trunk enable   
        next
    end