Fortinet black logo

Administration Guide

Introduction

Copy Link
Copy Doc ID 0f66c6af-cee6-11eb-97f7-00505692583a:755567
Download PDF

Introduction

This guide provides information about configuring a FortiSwitch unit in standalone mode. In standalone mode, you manage the FortiSwitch unit by connecting directly to the unit, either using the web-based manager (also known as the GUI) or the CLI.

If you will be managing your FortiSwitch unit using a FortiGate unit, refer to the following guide: FortiSwitch Managed by FortiOS 7.0.

This section covers the following topics:

Supported models

This guide is for all FortiSwitch models that are supported by FortiSwitchOS, which includes all of the D-series, E-series, and F-series models.

Whatʼs new in FortiSwitchOS 7.0.1

Release 7.0.1 provides the following new features:

  • You can now configure VLAN stacking (QnQ) and VLAN mapping in the GUI.
  • The Log Entries page (Log > Entries) has been redesigned to make it easier to read the log messages.
  • You can now enable explicit congestion notification (ECN) marking when you create or edit a QoS egress policy in the GUI.
  • You can now use the set fec-state detect-by-module command to allow split ports of the FS-1048E and FS-3032E models to automatically detect whether forward error correction (FEC) is supported by the module.
  • Policy-based routing (PBR) allows users to define the next hop for packets based on the packetʼs source or destination IP addresses. You can specify the virtual routing and forwarding (VRF) instance that the next hop belongs to or the default VRF instance is used. You can assign the next hop to a next-hop group to use equal-cost multi-path (ECMP) routing.
  • The new Route Diagnostic page (Router > Diagnostic) displays a summary of existing routes for a specific IP address or host name and lists the network hops to the specified IP address or host name.
  • The new ARP Table page (Router > ARP Table) lists the IP address, number of minutes that the ARP entry has been in the ARP table, MAC address, and interface for each ARP table entry.
  • When you add a RADIUS server in the GUI, you can now test if the user credentials for the RADIUS server are valid.
  • Equal Cost Multi-Path (ECMP) is now supported by the FS-5xxD models with IPv6.
  • You can now specify which switch goes dormant when the split-brain state occurs by setting the priority of each switch. The priority can be 0-100 and is 50 by default. The switch peer with the lowest priority value goes dormant when the split-brain state occurs. If both switch peers have the same priority, the switch with the lowest numerical MAC address goes dormant when the split-brain state occurs.
  • You can now force the switch going dormant when the split-brain state occurs to shut down all ports before going dormant. The state of the ICL trunk ports is not changed. By default, this option is disabled.
  • Layer-3 IPv4 dynamic routing with MCLAG peer groups is now supported.
  • You can now display the VRF IPv6 entries of the routing table.

Refer to the FortiSwitch feature matrix for details about the features supported by each FortiSwitch model.

Before you begin

Before you start administrating your FortiSwitch unit, it is assumed that you have completed the initial configuration of the FortiSwitch unit, as outlined in the QuickStart Guide for your FortiSwitch model and have administrative access to the FortiSwitch unit’s GUI and CLI.

Introduction

This guide provides information about configuring a FortiSwitch unit in standalone mode. In standalone mode, you manage the FortiSwitch unit by connecting directly to the unit, either using the web-based manager (also known as the GUI) or the CLI.

If you will be managing your FortiSwitch unit using a FortiGate unit, refer to the following guide: FortiSwitch Managed by FortiOS 7.0.

This section covers the following topics:

Supported models

This guide is for all FortiSwitch models that are supported by FortiSwitchOS, which includes all of the D-series, E-series, and F-series models.

Whatʼs new in FortiSwitchOS 7.0.1

Release 7.0.1 provides the following new features:

  • You can now configure VLAN stacking (QnQ) and VLAN mapping in the GUI.
  • The Log Entries page (Log > Entries) has been redesigned to make it easier to read the log messages.
  • You can now enable explicit congestion notification (ECN) marking when you create or edit a QoS egress policy in the GUI.
  • You can now use the set fec-state detect-by-module command to allow split ports of the FS-1048E and FS-3032E models to automatically detect whether forward error correction (FEC) is supported by the module.
  • Policy-based routing (PBR) allows users to define the next hop for packets based on the packetʼs source or destination IP addresses. You can specify the virtual routing and forwarding (VRF) instance that the next hop belongs to or the default VRF instance is used. You can assign the next hop to a next-hop group to use equal-cost multi-path (ECMP) routing.
  • The new Route Diagnostic page (Router > Diagnostic) displays a summary of existing routes for a specific IP address or host name and lists the network hops to the specified IP address or host name.
  • The new ARP Table page (Router > ARP Table) lists the IP address, number of minutes that the ARP entry has been in the ARP table, MAC address, and interface for each ARP table entry.
  • When you add a RADIUS server in the GUI, you can now test if the user credentials for the RADIUS server are valid.
  • Equal Cost Multi-Path (ECMP) is now supported by the FS-5xxD models with IPv6.
  • You can now specify which switch goes dormant when the split-brain state occurs by setting the priority of each switch. The priority can be 0-100 and is 50 by default. The switch peer with the lowest priority value goes dormant when the split-brain state occurs. If both switch peers have the same priority, the switch with the lowest numerical MAC address goes dormant when the split-brain state occurs.
  • You can now force the switch going dormant when the split-brain state occurs to shut down all ports before going dormant. The state of the ICL trunk ports is not changed. By default, this option is disabled.
  • Layer-3 IPv4 dynamic routing with MCLAG peer groups is now supported.
  • You can now display the VRF IPv6 entries of the routing table.

Refer to the FortiSwitch feature matrix for details about the features supported by each FortiSwitch model.

Before you begin

Before you start administrating your FortiSwitch unit, it is assumed that you have completed the initial configuration of the FortiSwitch unit, as outlined in the QuickStart Guide for your FortiSwitch model and have administrative access to the FortiSwitch unit’s GUI and CLI.