Fortinet black logo

Administration Guide

Creating FortiSwitch templates

Creating FortiSwitch templates

When creating a new FortiSwitch template, the platform must be selected before configuring VLAN assignments.

To create a FortiSwitch template:
  1. Go to FortiSwitch Manager > FortiSwitch Templates.
  2. In the tree menu, select FortiSwitch Templates.
  3. In the content pane, click Create New in the toolbar. The Create New FortiSwitch Template window opens.

  4. Enter the following information, then click OK to create the new template.

    Template Name

    Type a name for the template.

    Comments

    Optionally, enter comments.

    Platforms

    Select the platform that the template will apply to from the dropdown list.

    Switch VLAN Assignments

    Configure VLAN assignments. A platform must be selected before VLAN assignments can be configured.

    Add Port

    Add a port to the table.

    Create Trunk

    Create a trunk. See To create a trunk group:.

    Edit

    Edit the selected trunk.

    Delete

    Delete the selected ports or trunks.

    Port

    Select a port profile from the dropdown list.

    Native VLAN

    Select the native VLAN from the available VLAN objects. See Creating FortiSwitch VLANs.

    Allowed VLAN

    Select the allowed VLAN from the available VLAN objects. See Creating FortiSwitch VLANs.

    Security Policy

    Select the security policies from the available switch controller security policies. See FortiSwitch security policies.

    POE

    If applicable, right-click to enable or disable PoE for the port.

    DHCP Blocking

    Right-click to enable or disable DHCP blocking for the port or trunk.

    If the port is in a trunk, then DHCP blocking can only be enabled for the trunk, and not the individual ports.

    IGMP Snooping

    Right-click to enable or disable IGMP snooping for the port or trunk.

    If the port is in a trunk, then IGMP snooping can only be enabled for the trunk, and not the individual ports.

    Loop Guard

    Right-click to enable or disable Loop Guard for the port.

    Loop Guard cannot be applied to trunks, or ports that are in trunks.

    STP

    Right-click to enable or disable STP for the port or trunk.

    If the port is in a trunk, then STP can only be enabled for the trunk, and not the individual ports.

    Edge Port

    Right-click to enable or disable Edge Port for the port or trunk.

    If the port is in a trunk, then STP can only be enabled for the trunk, and not the individual ports.

    STP BPDU Guard

    Right-click to enable or disable STP BPDU Guard for the port or trunk.

    If the port is in a trunk, then STP BPDU Guard can only be enabled for the trunk, and not the individual ports.

    STP Root Guard

    Right-click to enable or disable STP Root Guard for the port or trunk.

    If the port is in a trunk, then STP Root Guard can only be enabled for the trunk, and not the individual ports.

To create a trunk group:
  1. On the Create New FortiSwitch Template pane, click Create Trunk in the Switch VLAN Assignments toolbar. The New Trunk Group dialog box opens.
  2. Enter a name for the trunk group in the Name field.
  3. In the Members field, select all the ports that will be in the group from the drop-down list.
  4. Select the mode: lacp-active (active link aggregation), lacp-passive (passive link aggregation), or static.
  5. Click OK to create the trunk group.

Creating FortiSwitch templates

When creating a new FortiSwitch template, the platform must be selected before configuring VLAN assignments.

To create a FortiSwitch template:
  1. Go to FortiSwitch Manager > FortiSwitch Templates.
  2. In the tree menu, select FortiSwitch Templates.
  3. In the content pane, click Create New in the toolbar. The Create New FortiSwitch Template window opens.

  4. Enter the following information, then click OK to create the new template.

    Template Name

    Type a name for the template.

    Comments

    Optionally, enter comments.

    Platforms

    Select the platform that the template will apply to from the dropdown list.

    Switch VLAN Assignments

    Configure VLAN assignments. A platform must be selected before VLAN assignments can be configured.

    Add Port

    Add a port to the table.

    Create Trunk

    Create a trunk. See To create a trunk group:.

    Edit

    Edit the selected trunk.

    Delete

    Delete the selected ports or trunks.

    Port

    Select a port profile from the dropdown list.

    Native VLAN

    Select the native VLAN from the available VLAN objects. See Creating FortiSwitch VLANs.

    Allowed VLAN

    Select the allowed VLAN from the available VLAN objects. See Creating FortiSwitch VLANs.

    Security Policy

    Select the security policies from the available switch controller security policies. See FortiSwitch security policies.

    POE

    If applicable, right-click to enable or disable PoE for the port.

    DHCP Blocking

    Right-click to enable or disable DHCP blocking for the port or trunk.

    If the port is in a trunk, then DHCP blocking can only be enabled for the trunk, and not the individual ports.

    IGMP Snooping

    Right-click to enable or disable IGMP snooping for the port or trunk.

    If the port is in a trunk, then IGMP snooping can only be enabled for the trunk, and not the individual ports.

    Loop Guard

    Right-click to enable or disable Loop Guard for the port.

    Loop Guard cannot be applied to trunks, or ports that are in trunks.

    STP

    Right-click to enable or disable STP for the port or trunk.

    If the port is in a trunk, then STP can only be enabled for the trunk, and not the individual ports.

    Edge Port

    Right-click to enable or disable Edge Port for the port or trunk.

    If the port is in a trunk, then STP can only be enabled for the trunk, and not the individual ports.

    STP BPDU Guard

    Right-click to enable or disable STP BPDU Guard for the port or trunk.

    If the port is in a trunk, then STP BPDU Guard can only be enabled for the trunk, and not the individual ports.

    STP Root Guard

    Right-click to enable or disable STP Root Guard for the port or trunk.

    If the port is in a trunk, then STP Root Guard can only be enabled for the trunk, and not the individual ports.

To create a trunk group:
  1. On the Create New FortiSwitch Template pane, click Create Trunk in the Switch VLAN Assignments toolbar. The New Trunk Group dialog box opens.
  2. Enter a name for the trunk group in the Name field.
  3. In the Members field, select all the ports that will be in the group from the drop-down list.
  4. Select the mode: lacp-active (active link aggregation), lacp-passive (passive link aggregation), or static.
  5. Click OK to create the trunk group.