FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
keithli_FTNT
Staff
Staff
Article Id 194956
Description

In 5.2, the various switch modes can be broken up into:

Mode

Summary

Config

1. Interface Mode
2. Hub Mode
3. Switch Mode
Available on units with an internal switch such as 60B, 60C, etc..
config sys global
  set internal-switch-mode {switch|interface|hub}
end
4. Hardware Switch Similar to 3) except more flexible and allows individual ports to be grouped together
config system virtual-switch
  edit "lan"
    set physical-switch "sw0"
      config port
        edit "port1"
       
5. Software Switch Similar to 4) except processed by software
config system switch-interface
  edit <name>
    set member <port1> <port2>
end
6. VLAN Switch Mode native VLAN feature for units with many ports
config sys interface
  edit <name>
    set type switch-vlan
end
config switch-controller vlan
  edit <name>
      set vlanid 10

In 5.4, there will no longer be a “set internal-switch-mode” option in global, because of the removal of Hub and Switch mode. Upon upgrade, Switch mode will be converted into Hardware Switch mode.

Changes in 5.4:

Mode

Change

1. Interface Mode
Ports are by default in Interface Mode. “set internal-switch-mode” entirely removed since only Interface Mode is supported in 5.4
2. Hub Mode Removed
3. Switch Mode Removed. Upgrade will convert configs to Hardware Switch mode
4. Hardware Switch Default settings for most low-end models
5. Software Switch Unchanged
6. VLAN Switch Mode CLI support only for FG-100D and FG-200D
GUI kept for FGT with 40 or more ports




Contributors