Dec 24, 2017 - all i see is an option to create software hardware switches, assign. With VLANs on Fortigates. Cause it's not designed to be a L3 switch, but. New feature: FortiGate Hardware Switch Interface. Published on Juni 21, 2013 in Firmware / Software and Fortinet. 6 Comments Tags: FortiGate, hardware, switch.

P h ys i ca l FortiGate units have a number of physical ports where you connect ethernet or optical cables. Depending on the model, they can have anywhere from four to 40 physical ports. Some units have a grouping of ports labelled as internal, providing a built-in switch functionality. In FortiOS, the port names, as labeled on the FortiGate unit, appear in the web-based manager in the U n i t Operation widget, found on the Dashboard. They also appear when you are configuring the interfaces, by going to S ys t e m > Network > Interface.

As shown below, the FortiGate-100D (Generation 2) has 22 interfaces. Two of the physical ports on the FortiGate-100D (Generation 2) are SFP ports.

These ports share the numbers 15 and 16 with RJ-45 ports. Because of this, when SFP port 15 is used, RJ-45 port 15 cannot be used, and vice versa. These ports also share the same MAC address. Con f i gu r i n g the FortiGate-100D ports Normally the internal interface is configured as a single interface shared by all physical interface connections – a switch. The switch mode feature has two states – switch mode and interface mode. Switch mode is the default mode with only one interface and one address for the entire internal switch. Interface mode enables you to configure each of the internal switch physical interface connections separately.

This enables you to assign different subnets and netmasks to each of the internal physical interface connections. The larger FortiGate units can also include Advanced Mezzanine Cards (AMC), which can provide additional interfaces (Ethernet or optical), with throughput enhancements for more efficient handling of specialized traffic. These interfaces appear in FortiOS as port amc/sw1, amc/sw2 and so on. In the following illustration, the FortiGate-3810A has three AMC cards installed: two single-width (amc/sw1, amc/sw2) and one double-width (amc/dw).

In t e r f ac e settings In S ys t e m > Network > Interface, you configure the interfaces, physical and virtual, for the FortiGate unit. There are different options for configuring interfaces when the FortiGate unit is in NAT mode or transparent mode. On FortiOS Carrier, you can also enable the Gi gatekeeper on each interface for anti-overbilling.

I n t e r f ac e page C r ea t e New Select to add a new interface, zone or, in transparent mode, port pair. For more information on configuring zones, see Zones. Depending on the model you can add a VLAN interface, a loopback inter- face, a IEEE 802.3ad aggregated interface, or a redundant interface. When VDOMs are enabled, you can also add Inter-VDOM links. I n t e r f ac e page The names of the physical interfaces on your FortiGate unit.

This includes any alias names that have been configured. When you combine several interfaces into an aggregate or redundant inter- face, only the aggregate or redundant interface is listed, not the component interfaces. N a m e If you have added VLAN interfaces, they also appear in the name list, below the physical or aggregated interface to which they have been added.

If you have added loopback interfaces, they also appear in the interface list, below the physical interface to which they have been added. If you have software switch interfaces configured, you will be able to view them. If your FortiGate unit supports AMC modules, the interfaces are named amc-sw1/1, amc-dw1/2, and so on. T y p e The configuration type for the interface. I P / N e t m as k The current IP address and netmask of the interface. In VDOM, when VDOMs are not all in NAT or transparent mode some val- ues may not be available for display and will be displayed as “-”.

A ccess The administrative access configuration for the interface. A d m i n i s t r a t i v e Status Indicates if the interface can be accessed for administrative purposes. If the administrative status is a green arrow, and administrator could connect to the interface using the configured access. Driver viamichelin x 950 xp. If the administrative status is a red arrow, the interface is administratively down and cannot be accessed for administrative purposes. L i n k Status The status of the interface physical connection. Link status can be either up (green arrow) or down (red arrow).