How to get started

Some FortiSwitch units might have a sticker on them with an outdated procedure. Use the procedures in the FortiSwitch Cloud Administration Guide instead of procedures on the sticker.

NOTE: The following are the requirements to use all of the features of FortiSwitch Cloud:

• Register your FortiSwitch units with Fortinet Support (https://support.fortinet.com).
• Check that your FortiSwitch units are running FortiSwitchOS 6.0.0 or later.
• Check that your FortiSwitch units are connected to the Internet.
• Subscribe to FortiCare (https://www.fortinet.com/support-and-training/support-services/forticare-support.html).
• Purchase a FortiSwitch Cloud Management license for each FortiSwitch unit through authorized Fortinet resellers and distributors.
  1. After you purchase a FortiSwitch Cloud Management license, you need to register it in your FortiCare account.
  2. FortiSwitch Cloud will automatically import the license from your FortiCare account during its regular license check. Depending on when the license was registered, there might be a delay before the license is available in FortiSwitch Cloud.
• Set your FortiSwitch units to the standalone mode.
• Check that the system time on your FortiSwitch units is accurate. To set the time on your FortiSwitch unit, see the FortiSwitchOS Administration Guide—Standalone Mode.

To get started using FortiSwitch Cloud, follow these procedures:

1. Using the correct switch management mode for cloud management
2. Enabling and disabling cloud management
3. Logging in to FortiSwitch Cloud
4. Deploying your FortiSwitch units in FortiSwitch Cloud

Using the correct switch management mode for cloud management

To manage a FortiSwitch unit from FortiSwitch Cloud, make certain that the switch management mode is set to local using the following commands on your FortiSwitch unit:

config system global

set switch-mgmt-mode local

end

 

If your FortiSwitch unit is in FortiLink mode, you need to change your switch management mode to local and also run the following command on your FortiGate unit:

execute switch-controller set-standalone <switch-id>

This command returns the FortiSwitch unit to the factory defaults, reboots the FortiSwitch unit, and prevents the FortiGate unit from automatically detecting and authorizing the FortiSwitch unit.

Checking your FortiSwitch Cloud configuration

To check your FortiSwitch Cloud configuration, use the following commands:

S524DF4K15000024 # config system fsw-cloud
S524DF4K15000024 (fsw-cloud) # get

interval            : 45
name                : fortiswitch-dispatch.forticloud.com
port                : 443
status              : enable

Option	Description
interval	The time in seconds allowed for domain name system (DNS) resolution. The default is 15 seconds. The range of values is 3-300 seconds.
name	The domain name for FortiSwitch Cloud. By default, this field is set to fortiswitch-dispatch.forticloud.com.
port	Port number used to connect to FortiSwitch Cloud. The default is port 443.
status	Whether access to FortiSwitch Cloud is enabled or disabled. By default, the status is set to enable.

To check your connections to FortiSwitch Cloud, use the get system fsw-cloud-mgr connection-info command.

The State-Machine field is set to FSMGR_STATE_READY when your FortiSwitch unit is being managed by FortiSwitch Cloud. The SSL tunnel is the secure communication channel between your FortiSwitch unit and FortiSwitch Cloud. FortiSwitch Cloud uses the Socket Secure protocol (SOCKS) to communicate with your FortiSwitch units.

For example:

S524DF4K15000024 # get system fsw-cloud-mgr connection-info
			
User Account-ID:    : 012345
Dispatch Service    : IP= xx.xx.xx.xx
SSL verify Code     : ok
Access Service      : IP= xx.xx.xx.xx, Port= 443, Connected on: 2018-11-28 10:59:32
Bootstrap Service   : hostname= xxxxxxxxxx, Port= 8000	

Remote Assistance   : Disabled.		
State-Machine       : State= FSMGR_STATE_READY, Event= EV_READY_HBEAT_GOOD	
					
SSL Local End-Point : Interface: mgmt, IP: xx.xx.xx.xx			
SSL Tunnel Uptime   : Days: 0  Hours: 2 Mins: 22 [Connected @2018-11-28 10:59:32]
SSL Tunnel stats    : restart-count= 4, Reason= Configuration Change

Stats:
========
Switch  Keep Alive  Tx/Reply := 45 / 45
Manager Keep Alive  Rx/Error := 45 / 0

Socks   Req Rx/Last Stream-ID := 224 / 14
Reset   Req Rx/last Stream-ID := 8 / 12
Goaway  Req Rx  := 0
Unknown Req Rx  := 0
			
Syslog FD/Tx/Err := 8 / 3 / 0

Used SOCKS stream-id:
=======================
SID             SockFd          State           Description
___             ______          _____           _______________
18              10              DATA            REST REQ
5               0               DATA            SYSLOG DATA

Enabling and disabling cloud management

To allow your FortiSwitch unit to be managed by FortiSwitch Cloud, use the following commands:

config system fsw-cloud

set status enable

end

 

If you want to remove a FortiSwitch unit from FortiSwitch Cloud, use the following commands:

config system fsw-cloud

set status disable

end

Logging in to FortiSwitch Cloud

You do not need to create a separate account for FortiSwitch Cloud. You can use your FortiCare account to log in.

NOTE: You cannot use an existing FortiCloud account for FortiSwitch Cloud.

To log in to FortiSwitch Cloud:

1. Go to https://fortiswitch.forticloud.com.
   
   
2. Select LOGIN.
   
   
3. Enter your FortiCare account identifier and enter your password.
4. Select LOGIN.
   The first time that you log in, a special landing page appears. To bypass the landing page in the future, clear the Show this page on login check box.
   

   

5. Select Proceed to Account.