Setting Up Fortigate Interface Mode and Soft-Switch

Often times it is advantageous to divide up the internal swtich into individual interfaces.  Reasons for doing this include additioanl hardware port for routing, or additional ports to implement one-arm sniffers.  The following are some of the commands necessary to accomplish this.

To put a FortiGate in Interface mode:

config system global
set internal-switch-mode interface

To create a software-switch

config system switch-interface
edit name (example SW1-3)
set member internal1 internal2 internal3 (the names may be different depending on firmware and model,  you can use the tab key to scroll through valid names)..
set vdom root
next
end

To assign an IP address and management access to the software-switch

config system interface
edit SW1-3
set ip address and mask (example 192.168.1.1 255.255.255.0)
set allowaccess ping https ssh
next
end

For IT Support and InfoSec services in the Dayton, Ohio area please visit our web site at www.quanexus.com

 

Post a comment or leave a trackback: Trackback URL.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: