Fortinet black logo

Cookbook

FortiLink auto network configuration policy

Copy Link
Copy Doc ID 30be976a-bbb3-11ee-8673-fa163e15d75b:384170
Download PDF

FortiLink auto network configuration policy

The switch controller has a network auto-config option which contains configurable defaults, policy customization, and an individual interface override. This gives administrators simple and flexible control.

Following is a description of these options:

auto-config default Provides the default actions for the first hop (fgt-policy) and lower-tier devices (isl-policy).
auto-config policy A database containing policies that can be applied as a system-wide default or to a specific interface.
auto-config custom Allows for the override of the auto-config default on a specific interface. This information is retained and is reapplied if an interface leaves and then is rediscovered.
To configure automatic network detection:
  1. Create or modify an auto-config policy:
    config switch-controller auto-config  policy 
       edit test123 
          get
             name                : test123
             qos-policy          : default     <== leverage the default qos-policy
             storm-control-policy: auto-config <== leverage auto-config storm-control-policy by default
             poe-status          : enable      <== If target of auto-config is poe port, keep poe-status enabled by default
       next
    end
  2. Designate an auto-config policy to FortiLink, ISL, or ICL on managed FortiSwitches.
    config switch-controller auto-config default 
        get
            fgt-policy          : test123 
            isl-policy          : test123 
            icl-policy          : test123 
        set  ?
            fgt-policy    Default FortiLink auto-config policy.
            isl-policy    Default ISL auto-config policy.
            icl-policy    Default ICL auto-config policy.
    end
  3. Customize an auto-config policy for a specific FGT, ICL, or ISL interface.
    config switch-controller auto-config custom 
        edit ? 
          *name    Auto-Config FortiLink or ISL/ICL interface name.
        edit G5H0E391790XXXX
          new entry 'G5H0E391790XXXX' added
            config switch-binding 
                edit ?
                  *switch-id    Switch name.
                edit S524DN4K1500XXXX
                  new entry 'S524DN4K1500XXXX' added
                    get
                        switch-id           : S524DN4K1500XXXX
                        policy              : default 
                next
            end
        next
    end

FortiLink auto network configuration policy

The switch controller has a network auto-config option which contains configurable defaults, policy customization, and an individual interface override. This gives administrators simple and flexible control.

Following is a description of these options:

auto-config default Provides the default actions for the first hop (fgt-policy) and lower-tier devices (isl-policy).
auto-config policy A database containing policies that can be applied as a system-wide default or to a specific interface.
auto-config custom Allows for the override of the auto-config default on a specific interface. This information is retained and is reapplied if an interface leaves and then is rediscovered.
To configure automatic network detection:
  1. Create or modify an auto-config policy:
    config switch-controller auto-config  policy 
       edit test123 
          get
             name                : test123
             qos-policy          : default     <== leverage the default qos-policy
             storm-control-policy: auto-config <== leverage auto-config storm-control-policy by default
             poe-status          : enable      <== If target of auto-config is poe port, keep poe-status enabled by default
       next
    end
  2. Designate an auto-config policy to FortiLink, ISL, or ICL on managed FortiSwitches.
    config switch-controller auto-config default 
        get
            fgt-policy          : test123 
            isl-policy          : test123 
            icl-policy          : test123 
        set  ?
            fgt-policy    Default FortiLink auto-config policy.
            isl-policy    Default ISL auto-config policy.
            icl-policy    Default ICL auto-config policy.
    end
  3. Customize an auto-config policy for a specific FGT, ICL, or ISL interface.
    config switch-controller auto-config custom 
        edit ? 
          *name    Auto-Config FortiLink or ISL/ICL interface name.
        edit G5H0E391790XXXX
          new entry 'G5H0E391790XXXX' added
            config switch-binding 
                edit ?
                  *switch-id    Switch name.
                edit S524DN4K1500XXXX
                  new entry 'S524DN4K1500XXXX' added
                    get
                        switch-id           : S524DN4K1500XXXX
                        policy              : default 
                next
            end
        next
    end