Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Administration Guide

Introduction

This guide provides information about configuring a FortiSwitch unit in standalone mode. In standalone mode, you manage the FortiSwitch unit by connecting directly to the unit, either using the web-based manager (also known as the GUI) or the CLI.

If you will be managing your FortiSwitch unit using a FortiGate unit, refer to the FortiLink Guide—FortiSwitch Devices Managed by FortiOS 7.2.

If you will be managing your FortiSwitch unit using FortiLAN Cloud, see the FortiLAN Cloud User Guide.

If you will be managing your FortiSwitch unit using FortiSwitch Manager, see the FortiSwitch Manager Administration Guide.

This section covers the following topics:

Supported models

This guide is for all FortiSwitch models that are supported by FortiSwitchOS, which includes all of the D-series, E-series, and F-series models.

Whatʼs new in FortiSwitchOS 7.2.1

Release 7.2.1 provides the following new features:

  • VXLAN tunnels are now supported on FS-1024E and FS-T1024E.

  • You can now prevent layer-2 loops between virtual tunnel endpoints by having all FortiSwitch units in a VXLAN tunnel act as a single STP root.

  • You can now use a routed VLAN interface (RVI) as the VXLAN tunnel initiator or VXLAN tunnel destination.

  • You can now configure port-based virtual routing and forwarding (VRF) for an RVI.

  • You can now use the dynamic connectivity association key (CAK) mode for Media Access Control security (MACsec).

  • You can now use the CLI to change the priority of MAC authentication bypass (MAB) authentication and Extensible Authentication Protocol (EAP) 802.1X authentication.

  • Some FortiSwitch models now provide perpetual power over Ethernet (PoE) so that a FortiSwitch unit has uninterrupted power while rebooting.

  • You can now configure an automation stitch that will send data to a uniform resource identifier (URI), such as an IP address or URL, when the trigger occurs.

  • The new Router > Multi-Traceroute page allows you to run multiple path traceroute in the GUI. Results are displayed in a chart and table.

  • The System > FortiLAN Cloud page now reports the dispatch service, access service, status of SSL verification, and the reason for the last restart.

  • The following object identifier (OID) has been added, which refers to a list of FortiSwitch models in the FORTINET-FORTISWITCH-MIB.mib file:

    Name

    OID

    sysObjectID

    .1.3.6.1.4.1.12356.106.5.SYS_MODEL

Refer to the FortiSwitch feature matrix for details about the features supported by each FortiSwitch model.

Before you begin

Before you start administrating your FortiSwitch unit, it is assumed that you have completed the initial configuration of the FortiSwitch unit, as outlined in the QuickStart Guide for your FortiSwitch model and have administrative access to the FortiSwitch unit’s GUI and CLI.

Introduction

This guide provides information about configuring a FortiSwitch unit in standalone mode. In standalone mode, you manage the FortiSwitch unit by connecting directly to the unit, either using the web-based manager (also known as the GUI) or the CLI.

If you will be managing your FortiSwitch unit using a FortiGate unit, refer to the FortiLink Guide—FortiSwitch Devices Managed by FortiOS 7.2.

If you will be managing your FortiSwitch unit using FortiLAN Cloud, see the FortiLAN Cloud User Guide.

If you will be managing your FortiSwitch unit using FortiSwitch Manager, see the FortiSwitch Manager Administration Guide.

This section covers the following topics:

Supported models

This guide is for all FortiSwitch models that are supported by FortiSwitchOS, which includes all of the D-series, E-series, and F-series models.

Whatʼs new in FortiSwitchOS 7.2.1

Release 7.2.1 provides the following new features:

  • VXLAN tunnels are now supported on FS-1024E and FS-T1024E.

  • You can now prevent layer-2 loops between virtual tunnel endpoints by having all FortiSwitch units in a VXLAN tunnel act as a single STP root.

  • You can now use a routed VLAN interface (RVI) as the VXLAN tunnel initiator or VXLAN tunnel destination.

  • You can now configure port-based virtual routing and forwarding (VRF) for an RVI.

  • You can now use the dynamic connectivity association key (CAK) mode for Media Access Control security (MACsec).

  • You can now use the CLI to change the priority of MAC authentication bypass (MAB) authentication and Extensible Authentication Protocol (EAP) 802.1X authentication.

  • Some FortiSwitch models now provide perpetual power over Ethernet (PoE) so that a FortiSwitch unit has uninterrupted power while rebooting.

  • You can now configure an automation stitch that will send data to a uniform resource identifier (URI), such as an IP address or URL, when the trigger occurs.

  • The new Router > Multi-Traceroute page allows you to run multiple path traceroute in the GUI. Results are displayed in a chart and table.

  • The System > FortiLAN Cloud page now reports the dispatch service, access service, status of SSL verification, and the reason for the last restart.

  • The following object identifier (OID) has been added, which refers to a list of FortiSwitch models in the FORTINET-FORTISWITCH-MIB.mib file:

    Name

    OID

    sysObjectID

    .1.3.6.1.4.1.12356.106.5.SYS_MODEL

Refer to the FortiSwitch feature matrix for details about the features supported by each FortiSwitch model.

Before you begin

Before you start administrating your FortiSwitch unit, it is assumed that you have completed the initial configuration of the FortiSwitch unit, as outlined in the QuickStart Guide for your FortiSwitch model and have administrative access to the FortiSwitch unit’s GUI and CLI.