The new FortiLink
local-access profile controls access to the physical interface of a FortiSwitch that is managed by FortiGate.
After upgrading FortiGate to 6.4.8, the interface
allowaccess configuration on all managed FortiSwitches are overwritten by the default FortiGate
local-access profile. You must manually add your protocols to the
local-access profile after upgrading to 6.4.8.
config switch-controller security-policy local-access edit [Policy Name] set mgmt-allowaccess https ping ssh set internal-allowaccess https ping ssh next end
local-access profile to managed FortiSwitch:
config switch-controller managed-switch edit [FortiSwitch Serial Number] set switch-profile [Policy Name] set access-profile [Policy Name] next end