FortiOS 5.4 Online Help Link FortiOS 5.2 Online Help Link FortiOS 5.0 Online Help Link FortiOS 4.3 Online Help Link

Home > Online Help

> Chapter 20 - Networking > Interfaces > Soft switch example

Soft switch example

For this example, the wireless interface (WiFi) needs to be on the same subnet as the DMZ1 interface to facilitate wireless syncing from an iPhone and a local computer. The synching between two subnets is problematic. By putting both interfaces on the same subnet the synching will work. The software switch will accomplish this.

note icon In this example, the soft switch includes a wireless interface. Remember to configure any wireless security before proceeding. If you leave this interface open without any password or other security, it leaves open access to not only the wireless interface but to any other interfaces and devices connected within the software switch.

Clear the interfaces and back up the configuration

First, ensure that the interfaces are not being used with any other security policy or other use on the FortiGate unit. Check the WiFi and DMZ1 ports to ensure DHCP is not enabled on the interface and there are no other dependencies with these interfaces.

Next, save the current configuration, in the event something doesn’t work, recovery can be quick.

Merge the interfaces

The plan is to merge the WiFi port and DMZ1 port. This will create a software switch with a name of “synchro” with an IP address of 10.10.21.12. The following steps will create the switch, add the IP and then set the administrative access for HTTPS, SSH and Ping.

To merge the interfaces - CLI

config system switch-interface

edit synchro

set type switch

set member dmz1 wifi

end

config system interface

edit synchro

set ip 10.10.21.12

set allowaccess https ssh ping

end

Final steps

With the switch set up, you can now add security policies, DHCP servers and any other configuration that you would normally do to configure interfaces on the FortiGate unit.