Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 7.4.0
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    New Features

    7.4.0
    8.0.0
    7.6.0
    7.4.0
    7.2.0
    7.0.0
    6.4.0
    6.2.0

    Set the priority for dynamic or egress VLAN assignment 7.4.2

    Set the priority for dynamic or egress VLAN assignment 7.4.2

    Starting in FortiOS 7.4.2 with FortiSwitchOS 7.4.2, you can change how a managed FortiSwitch unit searches for VLANs with names (specified in the set description command) that match the Tunnel-Private-Group-Id or Egress-VLAN-Name attribute.

    Before FortiOS 7.4.2 and FortiSwitchOS 7.4.2, if there was more than one VLAN with the same name (specified in the set description command), the managed FortiSwitch unit selected the VLAN with the lowest VLAN ID that matched the Tunnel-Private-Group-Id or Egress-VLAN-Name attribute.

    In the following example, the Tunnel-Private-Group-Id attribute is set to testVLAN, and three VLANs have the same name of testVLAN. The managed FortiSwitch unit matches the Tunnel-Private-Group-Id attribute with the VLAN with the lowest ID, VLAN 4.

    VLAN ID

    VLAN name

    4

    testVLAN

    5

    testVLAN

    6

    testVLAN

    In FortiOS 7.4.2 with FortiSwitchOS 7.4.2, you can assign a priority to each VLAN. If there is more than one VLAN with the same name (specified in the set description command), the managed FortiSwitch unit selects the VLAN with the lowest assignment-priority value (which is the highest priority) of the VLANs with names that match the RADIUS Tunnel-Private-Group-Id or Egress-VLAN-Name attribute. The assignment-priority value can be 1-255. By default, the assignment-priority is 128. The lowest assignment-priority value gets the highest priority.

    In the following example, the Tunnel-Private-Group-Id attribute is set to localVLAN, and four VLANs have the same name of localVLAN. The managed FortiSwitch unit matches the Tunnel-Private-Group-Id attribute with the VLAN with the lowest priority, VLAN 5.

    VLAN ID

    VLAN name

    VLAN priority

    4

    localVLAN

    50

    5

    localVLAN

    25

    6

    localVLAN

    75

    7

    localVLAN

    100
    To set the priority on the managed FortiSwitch unit for matching VLAN names:

    config switch-controller managed-switch

    edit <FortiSwitch_serial_number>

    config vlan

    edit <VLAN_name>

    set assignment-priority <1-255>

    next

    end

    next

    end

    For example:

    config switch-controller managed-switch

    edit "S524DF4K15000024"

    config vlan

    edit vlan5

    set assignment-priority 200

    next

    end

    next

    end

    Previous
    Next

    Set the priority for dynamic or egress VLAN assignment 7.4.2

    Set the priority for dynamic or egress VLAN assignment 7.4.2

    Starting in FortiOS 7.4.2 with FortiSwitchOS 7.4.2, you can change how a managed FortiSwitch unit searches for VLANs with names (specified in the set description command) that match the Tunnel-Private-Group-Id or Egress-VLAN-Name attribute.

    Before FortiOS 7.4.2 and FortiSwitchOS 7.4.2, if there was more than one VLAN with the same name (specified in the set description command), the managed FortiSwitch unit selected the VLAN with the lowest VLAN ID that matched the Tunnel-Private-Group-Id or Egress-VLAN-Name attribute.

    In the following example, the Tunnel-Private-Group-Id attribute is set to testVLAN, and three VLANs have the same name of testVLAN. The managed FortiSwitch unit matches the Tunnel-Private-Group-Id attribute with the VLAN with the lowest ID, VLAN 4.

    VLAN ID

    VLAN name

    4

    testVLAN

    5

    testVLAN

    6

    testVLAN

    In FortiOS 7.4.2 with FortiSwitchOS 7.4.2, you can assign a priority to each VLAN. If there is more than one VLAN with the same name (specified in the set description command), the managed FortiSwitch unit selects the VLAN with the lowest assignment-priority value (which is the highest priority) of the VLANs with names that match the RADIUS Tunnel-Private-Group-Id or Egress-VLAN-Name attribute. The assignment-priority value can be 1-255. By default, the assignment-priority is 128. The lowest assignment-priority value gets the highest priority.

    In the following example, the Tunnel-Private-Group-Id attribute is set to localVLAN, and four VLANs have the same name of localVLAN. The managed FortiSwitch unit matches the Tunnel-Private-Group-Id attribute with the VLAN with the lowest priority, VLAN 5.

    VLAN ID

    VLAN name

    VLAN priority

    4

    localVLAN

    50

    5

    localVLAN

    25

    6

    localVLAN

    75

    7

    localVLAN

    100
    To set the priority on the managed FortiSwitch unit for matching VLAN names:

    config switch-controller managed-switch

    edit <FortiSwitch_serial_number>

    config vlan

    edit <VLAN_name>

    set assignment-priority <1-255>

    next

    end

    next

    end

    For example:

    config switch-controller managed-switch

    edit "S524DF4K15000024"

    config vlan

    edit vlan5

    set assignment-priority 200

    next

    end

    next

    end

    Previous
    Next