Fortinet Document Library
Version:
7.2.0
7.0.4
7.0.3
Version:
7.0.2
7.0.1
7.0.0
Version:
6.4.6
6.4.5
6.4.3
Version:
6.4.2
6.4.0
6.2.5
Version:
6.2.2
6.2.1
6.2.0
Table of Contents
Introduction
System
Dashboard
Network
Management ports
Models without a dedicated management port
Models with a dedicated management port
Example configurations
Overlapping subnets
Switch virtual interfaces
VRRP
Loopback
IP conflict detection
ARP timeout value
Using SSH and the Telnet client
Config
SNMP
Firmware
Backup
Revisions
Licenses
Time
SSL
Configuring the temperature sensor
Admin
Administrators
Profiles
Access control
Monitor
Setting the idle timeout
Configuring system banners
Using the alias commands
User
User definition
User groups
Authentication
RADIUS
TACACS
TACACS+ server
Administrative accounts
User accounts
Example configuration
Flow export
DHCP
Configuring a DHCP server
Detailed operation of a DHCP relay
Configuring a DHCP relay
Packet capture
Fault relay support
Identifying a specific FortiSwitch unit
Using the Reset button on FortiSwitch units
Switch
Port
Physical port settings
Configuring general port settings
Configuring flow control, priority-based flow control, and ingress pause metering
Auto-module speed detection
Setting port speed (autonegotiation)
Configuring power over Ethernet on a port
Energy-efficient Ethernet
Diagnostic monitoring interface module status
Configuring split ports
Configuring QSFP low-power mode
Configuring physical port loopbacks
Switched interfaces
Dynamic MAC address learning
Layer-2 table
Loop guard
TFTP network port
Cable diagnostics
Link aggregation groups
MCLAG
Multi-stage load balance
Unicast hashing
Interface
MACsec
802.1x authentication
Dynamic VLAN assignment
Dynamic access control lists
MAC authentication bypass (MAB)
Configuring global settings
Configuring the 802.1x settings on an interface
Viewing the 802.1x details
Clearing authorized sessions
Authenticating users with a RADIUS server
Authenticating an admin user with RADIUS
RADIUS accounting and FortiGate RADIUS single sign-on
RADIUS change of authorization (CoA)
Use cases
Detailed deployment notes
STP
MSTP overview and terminology
MSTP configuration
Interactions outside of the MSTP region
Viewing the MSTP configuration
Support for interoperation with Rapid per-VLAN RSTP (Rapid PVST+ or RPVST+)
Flap guard
IP source guard
Dynamic ARP inspection
IPv6 router advertisement guard
LLDP-MED
Configuration notes
LLDP global settings
Configuring LLDP profiles
Configuring an LLDP profile for the port
Enabling LLDP on a port
Checking the LLDP configuration
Configuration deployment example
Checking LLDP details
LLDP OIDs
ACL
ACL policy attributes
Configuring an ACL policy
Configuration examples
Selective packet sampling
Creating a schedule
IGMP snooping
MLD snooping
PoE
sFlow
Mirror
Configuring a SPAN mirror
Configuring an RSPAN mirror
Configuring an ERSPAN auto mirror
Configuring an ERSPAN manual mirror
VLAN
Native VLAN
Allowed VLAN list
Untagged VLAN list
Packet processing
Configuring VLANs
Example 1
Example 2
VLAN stacking (QnQ)
MAC/IP/protocol-based VLANs
Private VLANs
Virtual wires
Storm control
MAC entries
Persistent (sticky) MAC addresses
Static MAC addresses
Network monitoring
IP-MAC binding
QoS
Classification
Marking
Queuing
Determining the egress queue
Configuring FortiSwitch QoS
Checking the QoS statistics
Resetting and restoring QoS counters
Configuring security checks
Cut-through switching mode
Enabling packet forwarding
Configuring auto topology
Viewing port statistics
DHCP snooping
Media Redundancy Protocol
Configuring PTP transparent-clock mode
Router
Config
Layer-3 routing in hardware
Using layer-3 routing within an MCLAG
Unicast reverse-path forwarding (uRPF)
Policy-based routing
OSPF
RIP
BGP routing
Parts and terminology of BGP
How BGP works
Troubleshooting BGP
Configuring BGP
Sample configuration
IS-IS routing
Multicast
Static and IPv6 static
Remote access to the management port
Equal cost multi-path (ECMP) routing
Link probes
Link monitor
Bidirectional forwarding detection
Virtual routing and forwarding
Diagnostic
ARP table
Monitor
Log
Deployment scenario
Appendix A: FortiSwitch-supported RFCs
Appendix B: Supported attributes for RADIUS CoA and RSSO
Appendix C: SNMP OIDs for FortiSwitch models
Home
FortiSwitch 7.0.3
Administration Guide
Administration Guide
Introduction
System
Dashboard
Network
Management ports
Models without a dedicated management port
Models with a dedicated management port
Example configurations
Overlapping subnets
Switch virtual interfaces
VRRP
Loopback
IP conflict detection
ARP timeout value
Using SSH and the Telnet client
Config
SNMP
Firmware
Backup
Revisions
Licenses
Time
SSL
Configuring the temperature sensor
Admin
Administrators
Profiles
Access control
Monitor
Setting the idle timeout
Configuring system banners
Using the alias commands
User
User definition
User groups
Authentication
RADIUS
TACACS
TACACS+ server
Administrative accounts
User accounts
Example configuration
Flow export
DHCP
Configuring a DHCP server
Detailed operation of a DHCP relay
Configuring a DHCP relay
Packet capture
Fault relay support
Identifying a specific FortiSwitch unit
Using the Reset button on FortiSwitch units
Switch
Port
Physical port settings
Configuring general port settings
Configuring flow control, priority-based flow control, and ingress pause metering
Auto-module speed detection
Setting port speed (autonegotiation)
Configuring power over Ethernet on a port
Energy-efficient Ethernet
Diagnostic monitoring interface module status
Configuring split ports
Configuring QSFP low-power mode
Configuring physical port loopbacks
Switched interfaces
Dynamic MAC address learning
Layer-2 table
Loop guard
TFTP network port
Cable diagnostics
Link aggregation groups
MCLAG
Multi-stage load balance
Unicast hashing
Interface
MACsec
802.1x authentication
Dynamic VLAN assignment
Dynamic access control lists
MAC authentication bypass (MAB)
Configuring global settings
Configuring the 802.1x settings on an interface
Viewing the 802.1x details
Clearing authorized sessions
Authenticating users with a RADIUS server
Authenticating an admin user with RADIUS
RADIUS accounting and FortiGate RADIUS single sign-on
RADIUS change of authorization (CoA)
Use cases
Detailed deployment notes
STP
MSTP overview and terminology
MSTP configuration
Interactions outside of the MSTP region
Viewing the MSTP configuration
Support for interoperation with Rapid per-VLAN RSTP (Rapid PVST+ or RPVST+)
Flap guard
IP source guard
Dynamic ARP inspection
IPv6 router advertisement guard
LLDP-MED
Configuration notes
LLDP global settings
Configuring LLDP profiles
Configuring an LLDP profile for the port
Enabling LLDP on a port
Checking the LLDP configuration
Configuration deployment example
Checking LLDP details
LLDP OIDs
ACL
ACL policy attributes
Configuring an ACL policy
Configuration examples
Selective packet sampling
Creating a schedule
IGMP snooping
MLD snooping
PoE
sFlow
Mirror
Configuring a SPAN mirror
Configuring an RSPAN mirror
Configuring an ERSPAN auto mirror
Configuring an ERSPAN manual mirror
VLAN
Native VLAN
Allowed VLAN list
Untagged VLAN list
Packet processing
Configuring VLANs
Example 1
Example 2
VLAN stacking (QnQ)
MAC/IP/protocol-based VLANs
Private VLANs
Virtual wires
Storm control
MAC entries
Persistent (sticky) MAC addresses
Static MAC addresses
Network monitoring
IP-MAC binding
QoS
Classification
Marking
Queuing
Determining the egress queue
Configuring FortiSwitch QoS
Checking the QoS statistics
Resetting and restoring QoS counters
Configuring security checks
Cut-through switching mode
Enabling packet forwarding
Configuring auto topology
Viewing port statistics
DHCP snooping
Media Redundancy Protocol
Configuring PTP transparent-clock mode
Router
Config
Layer-3 routing in hardware
Using layer-3 routing within an MCLAG
Unicast reverse-path forwarding (uRPF)
Policy-based routing
OSPF
RIP
BGP routing
Parts and terminology of BGP
How BGP works
Troubleshooting BGP
Configuring BGP
Sample configuration
IS-IS routing
Multicast
Static and IPv6 static
Remote access to the management port
Equal cost multi-path (ECMP) routing
Link probes
Link monitor
Bidirectional forwarding detection
Virtual routing and forwarding
Diagnostic
ARP table
Monitor
Log
Deployment scenario
Appendix A: FortiSwitch-supported RFCs
Appendix B: Supported attributes for RADIUS CoA and RSSO
Appendix C: SNMP OIDs for FortiSwitch models
7.0.3
7.2.0
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.6
6.4.5
6.4.3
6.4.2
6.4.0
6.2.5
6.2.2
6.2.1
6.2.0
Download PDF
Copy Link
Network
The following topics provide information about network settings:
Management ports
Overlapping subnets
Switch virtual interfaces
VRRP
Loopback
IP conflict detection
ARP timeout value
Using SSH and the Telnet client
Network
Network
The following topics provide information about network settings:
Management ports
Overlapping subnets
Switch virtual interfaces
VRRP
Loopback
IP conflict detection
ARP timeout value
Using SSH and the Telnet client
Link
PDF
TOC
