Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

CLI Reference

config system switch-interface

Configure software switch interfaces by grouping physical and WiFi interfaces.

config system switch-interface

Description: Configure software switch interfaces by grouping physical and WiFi interfaces.

edit <name>

set vdom {string}

set span-dest-port {string}

set span-source-port <interface-name1>, <interface-name2>, ...

set member <interface-name1>, <interface-name2>, ...

set type [switch|hub]

set intra-switch-policy [implicit|explicit]

set mac-ttl {integer}

set span [disable|enable]

set span-direction [rx|tx|...]

next

end

config system switch-interface

Parameter

Description

Type

Size

Default

vdom

VDOM that the software switch belongs to.

string

Maximum length: 31

span-dest-port

SPAN destination port name. All traffic on the SPAN source ports is echoed to the SPAN destination port.

string

Maximum length: 15

span-source-port <interface-name>

Physical interface name. Port spanning echoes all traffic on the SPAN source ports to the SPAN destination port.

Physical interface name.

string

Maximum length: 79

member <interface-name>

Names of the interfaces that belong to the virtual switch.

Physical interface name.

string

Maximum length: 79

type

Type of switch based on functionality: switch for normal functionality, or hub to duplicate packets to all port members.

option

-

switch

 

Option

Description

switch

Switch for normal switch functionality (available in NAT mode only).

hub

Hub to duplicate packets to all member ports.

intra-switch-policy

Allow any traffic between switch interfaces or require firewall policies to allow traffic between switch interfaces.

option

-

implicit

 

Option

Description

implicit

Traffic between switch members is implicitly allowed.

explicit

Traffic between switch members must match firewall policies.

mac-ttl

Duration for which MAC addresses are held in the ARP table (300 - 8640000 sec, default = 300).

integer

Minimum value: 300 Maximum value: 8640000

300

span

Enable/disable port spanning. Port spanning echoes traffic received by the software switch to the span destination port.

option

-

disable

 

Option

Description

disable

Disable port spanning.

enable

Enable port spanning.

span-direction

The direction in which the SPAN port operates, either: rx, tx, or both.

option

-

both

 

Option

Description

rx

Copies only received packets from source SPAN ports to the destination SPAN port.

tx

Copies only transmitted packets from source SPAN ports to the destination SPAN port.

both

Copies both received and transmitted packets from source SPAN ports to the destination SPAN port.

config system switch-interface

Configure software switch interfaces by grouping physical and WiFi interfaces.

config system switch-interface

Description: Configure software switch interfaces by grouping physical and WiFi interfaces.

edit <name>

set vdom {string}

set span-dest-port {string}

set span-source-port <interface-name1>, <interface-name2>, ...

set member <interface-name1>, <interface-name2>, ...

set type [switch|hub]

set intra-switch-policy [implicit|explicit]

set mac-ttl {integer}

set span [disable|enable]

set span-direction [rx|tx|...]

next

end

config system switch-interface

Parameter

Description

Type

Size

Default

vdom

VDOM that the software switch belongs to.

string

Maximum length: 31

span-dest-port

SPAN destination port name. All traffic on the SPAN source ports is echoed to the SPAN destination port.

string

Maximum length: 15

span-source-port <interface-name>

Physical interface name. Port spanning echoes all traffic on the SPAN source ports to the SPAN destination port.

Physical interface name.

string

Maximum length: 79

member <interface-name>

Names of the interfaces that belong to the virtual switch.

Physical interface name.

string

Maximum length: 79

type

Type of switch based on functionality: switch for normal functionality, or hub to duplicate packets to all port members.

option

-

switch

 

Option

Description

switch

Switch for normal switch functionality (available in NAT mode only).

hub

Hub to duplicate packets to all member ports.

intra-switch-policy

Allow any traffic between switch interfaces or require firewall policies to allow traffic between switch interfaces.

option

-

implicit

 

Option

Description

implicit

Traffic between switch members is implicitly allowed.

explicit

Traffic between switch members must match firewall policies.

mac-ttl

Duration for which MAC addresses are held in the ARP table (300 - 8640000 sec, default = 300).

integer

Minimum value: 300 Maximum value: 8640000

300

span

Enable/disable port spanning. Port spanning echoes traffic received by the software switch to the span destination port.

option

-

disable

 

Option

Description

disable

Disable port spanning.

enable

Enable port spanning.

span-direction

The direction in which the SPAN port operates, either: rx, tx, or both.

option

-

both

 

Option

Description

rx

Copies only received packets from source SPAN ports to the destination SPAN port.

tx

Copies only transmitted packets from source SPAN ports to the destination SPAN port.

both

Copies both received and transmitted packets from source SPAN ports to the destination SPAN port.