Description
This section contains information to determine which internal switch mode the FortiGate should use, a decision that should be made before the FortiGate is installed.
The internal switch mode determines how the FortiGate’s physical ports are managed by the FortiGate.
The two main modes are Switch mode and Interface mode.
This article describes the difference between switch mode and interface mode.
Solution
1) Switch mode:
In Switch mode, all the internal interfaces are part of the same sub net and treated as a single interface, called either lan or internal by default, depending on the FortiGate model.
Switch mode is used when the network layout is basic, with most users being on the same sub net.
2) Interface mode:
In Interface mode, the physical interfaces of the FortiGate unit are handled individually, with each interface having its own IP address.
Interfaces can also be combined by configuring them as part of either hardware or software switches, which allow multiple interfaces to be treated as a single interface.
This mode is ideal for complex networks that use different sub nets to compartmentalize the network traffic.
To determine which mode the FortiGate is in, go to System -> Network -> Interfaces.
Localize the lan or internal interface.
If the interface is listed as a physical interface in the type column, then the FortiGate is in Interface mode.
If the interface is a hardware switch, then the FortiGate is in Switch mode.
To change the mode of the FortiGate , make sure that none of the physical ports that make up the lan or internal interface are referenced in the FortiGate configuration.
Go to System -> Dashboard -> Status and enter either of the following commands into the CLI Console:
Command to change to Switch mode:
#config system global
set internal-switch-mode switch
end
Command to change the to interface mode:
#config system global
set internal-switch-mode interface
end
