Connecting FortiLink Ports

This section contains information about the FortiSwitch and FortiGate ports that you connect to establish a FortiLink connection.

For all FortiGate models, you can connect up to 16 FortiSwitches to one FortiGate unit.

In FortiSwitchOS 3.3.0 and later releases, you can use any of the switch ports for FortiLink. Some or all of the switch ports (depending on the model) support auto-discovery of the FortiLink ports.

You have a choice of connecting a single FortiLink port or multiple FortiLink ports as a logical interface (link-aggregation group, hardware switch or software switch).

Summary of the Steps

  1. If required,enable the Switch Controller on FortiGate
  2. Connect a cable between the FortiSwitch port(s) and the FortiGate port(s)

Enable the Switch Controller on FortiGate

Prior to connecting the FortiSwitch and FortiGate units, ensure that the Switch Controller feature is enabled on the FortiGate (depending on the FortiGate model and software release, this feature may be enabled by default).

Use the FortiGate web-based manager or CLI to enable the Switch Controller.

Using the FortiGate web-based manager
  1. Go to System > Feature Select.
  2. Turn on the Switch Controller feature.
  3. Select Apply.

The menu option WiFi & Switch Controller now appears in the web-based manager.

Using the FortiGate CLI

Use the following command to enable the Switch Controller.

config system global

set switch-controller enable

end

Connect the FortiSwitch and FortiGate

In FortiSwitchOS 3.3.0 and later releases, FortiSwitchOS provides additional flexibility for FortiLink:

  • Use any switch port for FortiLink
  • Provides auto-discovery of the FortiLink ports on the FortiSwitch
  • Choice of a single FortiLink port or multiple FortiLink ports in a link-aggregation group (LAG)

Auto-discovery of the FortiSwitch Ports

In releases FortiSwitchOS 3.3.0 and beyond, the D-series FortiSwitch models support FortiLink auto-discovery, which is automatic detection of the port connected to the FortiGate.

You can use any of the switch ports for FortiLink. Use the following FortiSwitch CLI commands to configure a port for FortiLink auto-discovery:

config switch interface

edit <port>

set auto-discovery-fortilink enable

end

 

NOTE: Some FortiSwitch ports are enabled for auto-discovery by default. See table below.

NOTE: Complete this configuration step BEFORE connecting the switch to the FortiGate.

Each FortiSwitch model provides a set of ports that are enabled for FortiLink auto-discovery by default. If you connect the FortiLink using one of these ports, no switch configuration is required.

In general (in FortiSwitchOS 3.4.0 and later releases), the last four ports are the default auto-discovery FortiLink ports. You can also run the show switch interface CLI command on the FortiSwitch to see the ports that have auto-discovery enabled.

The table below lists the default auto-discovery ports for each switch model:

FortiSwitch Model Default Auto-FortiLink ports
FS-108D ports 9 and 10
FSR-112D ports 9, 10, 11 and 12
FS-124D, FS-124D-POE ports 23, 24, 25 and 26
FS-224D-POE ports 21, 22, 23 and 24
FS-224D-FPOE ports 25, 26, 27 and 28
FS-248D-POE ports 49, 50, 51, and 52
FS-248D-FPOE ports 49, 50, 51, and 52
FS-424D, FS-424D-POE, FS-424D-FPOE ports 25 and 26
FS-448D, FS-448D-POE, FS-448D-FPOE ports 49, 50, 51, and 52
FS-524D, FS-524D-FPOE ports 25, 26, 27, 28, 29 and 30
FS-548D, FS-548D-FPOE ports 49, 50, 51, 52, 53 and 54
FS-1024D, FS-1048D, FS-3032D all ports

Choosing the FortiGate Ports

For all FortiGate models, you can connect up to 16 FortiSwitches to one FortiGate unit. The FortiGate manages all of the switches through one active FortiLink. The FortiLink may consist of one port or multiple ports (for a LAG).

As a general rule, FortiLink is supported on all ports that are listed as LAN ports or Switch ports.