Fortinet black logo

FortiSwitch (FortiLink) Cookbook

Home FortiSwitch 6.4.6 FortiSwitch (FortiLink) Cookbook

FortiLink configuration

6.4.6
6.4.6
6.4.2
6.0.1
Copy Link
Copy Doc ID 6ef27415-7086-11eb-9995-00505692583a:76442
Download PDF

FortiLink configuration

  1. From Network > Interfaces, create a 802.3ad port
  2. Add the two member ports that will form the LAG and will be interconnected from the FortiGate-Master to the distribution 1 and 2.
  3. Select the addressing mode “Dedicated to FortiSwitch.”
  4. By default, the FortiLink segment is configured in an APIPA address range. In the present context, we will make sure that this segment is routable in order to validate certain metrics on the FortiSwitch GUI. Ensure in an enterprise context that this environment is accessible only through legitimate and restricted privileges.
  5. For the purpose of the exercise, we will ensure that FortiSwitch are not automatically authorized to validate certain steps. But it is quite possible to speed up the process and allow automatic authorization.
  6. Make sure at first that split interface is enabled (until MCLAG configuration).

  7. Connect the FG1-Master to Disti-1 (port9 to port48).

  8. Confirm the discovery of the FortiSwitch unit in the logs.

  9. Authorize the Disti-1 thereafter.

  10. At this point, the switch will reboot and will be converted from standalone to managed mode.

  11. The switch receives an IP address in the previously configured segment.

  12. The CAPWAP tunnel will appear as UP in the logs.

  13. Disti-1 will now be managed.

  14. Link the Distribution 1 to Distribution 2 as follows:

  15. Allow the addition of the Disti2.

Previous
Next

FortiLink configuration

  1. From Network > Interfaces, create a 802.3ad port
  2. Add the two member ports that will form the LAG and will be interconnected from the FortiGate-Master to the distribution 1 and 2.
  3. Select the addressing mode “Dedicated to FortiSwitch.”
  4. By default, the FortiLink segment is configured in an APIPA address range. In the present context, we will make sure that this segment is routable in order to validate certain metrics on the FortiSwitch GUI. Ensure in an enterprise context that this environment is accessible only through legitimate and restricted privileges.
  5. For the purpose of the exercise, we will ensure that FortiSwitch are not automatically authorized to validate certain steps. But it is quite possible to speed up the process and allow automatic authorization.
  6. Make sure at first that split interface is enabled (until MCLAG configuration).

  7. Connect the FG1-Master to Disti-1 (port9 to port48).

  8. Confirm the discovery of the FortiSwitch unit in the logs.

  9. Authorize the Disti-1 thereafter.

  10. At this point, the switch will reboot and will be converted from standalone to managed mode.

  11. The switch receives an IP address in the previously configured segment.

  12. The CAPWAP tunnel will appear as UP in the logs.

  13. Disti-1 will now be managed.

  14. Link the Distribution 1 to Distribution 2 as follows:

  15. Allow the addition of the Disti2.

Previous
Next