Creating FortiSwitch templates
When creating a new FortiSwitch template, the platform must be selected before configuring VLAN assignments.
To create a FortiSwitch template:
- Go to FortiSwitch Manager > FortiSwitch Templates, and select FortiSwitch Templates in the tree menu.
- In the content pane, click Create New in the toolbar. The Create New FortiSwitch Template window opens.
- Enter the following information, then click OK to create the new template.
Template Name
Type a name for the template.
Description
Optionally, enter a description.
Platforms
Select the platform that the template will apply to from the dropdown list.
Switch VLAN Assignments
Configure VLAN assignments. A platform must be selected before VLAN assignments can be configured.
Right-clicking on a physical port or trunk group displays a context menu with options to edit, delete, and modify the selection(s). Using the context menu, you can also configure Native VLAN, Allowed VLAN, Security Policy, QoS Policy, and LLDP profiles while multiple ports are selected.
Create
Create a physical port or trunk group. See Creating ports and trunk groups.
Edit
Edit the selected port or trunk.
Delete
Delete the selected ports or trunks.
Column Settings
Select which columns are visible or hidden in the Switch VLAN Assignments table.
Custom Command Entry
Create a new custom command entry.
Enter a name, and select a previously configured custom command. See Creating custom commands.
If a custom command has not yet been created, click the add icon in the Custom Command selection box to create one.
Creating ports and trunk groups
To create a physical port:
- On the Create New FortiSwitch Template pane, click Create in the Switch VLAN Assignments toolbar. The Add VLAN Assignment dialog box opens.
- Select physical as the type.
- Configure the following settings:
-
Port Name
Enter the name of the port.
Description
Optionally, enter a description.
Access Mode
Select the access mode from dynamic, nac, or normal.
Port Policy
Select the dynamic port policy from the available port policy objects. See Creating FortiSwitch dynamic port policies.
This setting is only available when the access mode is dynamic.
Native VLAN
Select the native VLAN from the available VLAN objects. See Creating FortiSwitch VLANs.
This setting is only available when the access mode is normal.
Allowed VLAN
Select the allowed VLAN from the available VLAN objects. See Creating FortiSwitch VLANs.
Security Policy
Select the security policies from the available switch controller security policies. See FortiSwitch security policies.
LLDP Profile
Select an LLDP profile.
QoS Policy
Select a QoS policy.
DHCP Blocking
Enable or disable DHCP blocking for the port or trunk.
If the port is in a trunk, then DHCP blocking can only be enabled for the trunk, and not the individual ports.
Loop Guard
Enable or disable Loop Guard for the port.
Loop Guard cannot be applied to trunks, or ports that are in trunks.
STP
Enable or disable STP for the port or trunk.
If the port is in a trunk, then STP can only be enabled for the trunk, and not the individual ports.
Edge Port
Enable or disable Edge Port for the port or trunk.
If the port is in a trunk, then STP can only be enabled for the trunk, and not the individual ports.
STP BPDU Guard
Enable or disable STP BPDU Guard for the port or trunk.
If the port is in a trunk, then STP BPDU Guard can only be enabled for the trunk, and not the individual ports.
STP Root Guard
Enable or disable STP Root Guard for the port or trunk.
If the port is in a trunk, then STP Root Guard can only be enabled for the trunk, and not the individual ports.
- Click OK to create the port.
Additional settings are available through the right-click context menu in the Switch VLAN Assignments table once the port has been created.POE
Right-click to enable or disable PoE for the port where applicable.
IGMP Snooping
Right-click to enable or disable IGMP snooping.
If the port is in a trunk, then IGMP snooping can only be enabled for the trunk, and not the individual ports.
To create a trunk group:
- On the Create New FortiSwitch Template pane, click Create in the Switch VLAN Assignments toolbar. The Add VLAN Assignment dialog box opens.
- Select trunk as the type.
- Enter a name for the trunk group in the Trunk Name field.
- In the Members field, select all the ports that will be in the group from the dropdown list.
- Select the mode: lacp-active (active link aggregation), lacp-passive (passive link aggregation), or static.
- Click OK to create the trunk group.