Connecting FortiLink Ports
This section contains information about the FortiSwitch and FortiGate ports that you connect to establish a FortiLink connection.
For all FortiGate models, you can connect up to 16 FortiSwitches to one FortiGate unit.
In FortiSwitchOS 3.3.0 and later releases, you can use any of the switch ports for FortiLink. Some or all of the switch ports (depending on the model) support auto-discovery of the FortiLink ports.
You have a choice of connecting a single FortiLink port or multiple FortiLink ports as a logical interface (link-aggregation group, hardware switch or software switch).
Summary of the Steps
- If required,enable the Switch Controller on FortiGate
- Connect a cable between the FortiSwitch port(s) and the FortiGate port(s)
Enable the Switch Controller on FortiGate
Prior to connecting the FortiSwitch and FortiGate units, ensure that the Switch Controller feature is enabled on the FortiGate (depending on the FortiGate model and software release, this feature may be enabled by default).
Use the FortiGate web-based manager or CLI to enable the Switch Controller.
Using the FortiGate web-based manager
- Go to System > Feature Select.
- Turn on the Switch Controller feature.
- Select Apply.
The menu option WiFi & Switch Controller now appears in the web-based manager.
Using the FortiGate CLI
Use the following command to enable the Switch Controller.
config system global
set switch-controller enable
end
Connect the FortiSwitch and FortiGate
In FortiSwitchOS 3.3.0 and later releases, FortiSwitchOS provides additional flexibility for FortiLink:
- Use any switch port for FortiLink
- Provides auto-discovery of the FortiLink ports on the FortiSwitch
- Choice of a single FortiLink port or multiple FortiLink ports in a link-aggregation group (LAG)
Auto-discovery of the FortiSwitch Ports
In releases FortiSwitchOS 3.3.0 and beyond, the D-series FortiSwitch models support FortiLink auto-discovery, which is automatic detection of the port connected to the FortiGate.
You can use any of the switch ports for FortiLink. Use the following FortiSwitch CLI commands to configure a port for FortiLink auto-discovery:
config switch interface
edit <port>
set auto-discovery-fortilink enable
end
NOTE: Some FortiSwitch ports are enabled for auto-discovery by default. See table below.
NOTE: Complete this configuration step BEFORE connecting the switch to the FortiGate.
Each FortiSwitch model provides a set of ports that are enabled for FortiLink auto-discovery by default. If you connect the FortiLink using one of these ports, no switch configuration is required.
In general (in FortiSwitchOS 3.4.0 and later releases), the last four ports are the default auto-discovery FortiLink ports. You can also run the show switch interface CLI command on the FortiSwitch to see the ports that have auto-discovery enabled.
The table below lists the default auto-discovery ports for each switch model:
FortiSwitch Model | Default Auto-FortiLink ports |
---|---|
FS-108D | ports 9 and 10 |
FSR-112D | ports 9, 10, 11 and 12 |
FS-124D, FS-124D-POE | ports 23, 24, 25 and 26 |
FS-224D-POE | ports 21, 22, 23 and 24 |
FS-224D-FPOE | ports 25, 26, 27 and 28 |
FS-248D-POE | ports 49, 50, 51, and 52 |
FS-248D-FPOE | ports 49, 50, 51, and 52 |
FS-424D, FS-424D-POE, FS-424D-FPOE | ports 25 and 26 |
FS-448D, FS-448D-POE, FS-448D-FPOE | ports 49, 50, 51, and 52 |
FS-524D, FS-524D-FPOE | ports 25, 26, 27, 28, 29 and 30 |
FS-548D, FS-548D-FPOE | ports 49, 50, 51, 52, 53 and 54 |
FS-1024D, FS-1048D, FS-3032D | all ports |
Choosing the FortiGate Ports
For all FortiGate models, you can connect up to 16 FortiSwitches to one FortiGate unit. The FortiGate manages all of the switches through one active FortiLink. The FortiLink may consist of one port or multiple ports (for a LAG).
As a general rule, FortiLink is supported on all ports that are listed as LAN ports or Switch ports.