Description | This article describes how to create a loopback interface from the FortiSwitch CLI and verify that communication between the loopback interfaces on FortiGate and FortiSwitch works. |
Scope | FortiGate v7.0.x and higher. |
Solution |
Step 1: Create a loopback interface on both FortiGate and FortiSwitch, starting with the FortiGate. In the example below, the loopback interface name is testloopback and the IP address is 192.10.10.1/32.
Refer to the below article to create a loopback interface on FortiGate GUI: Technical Tip: How to create loopback interface from GUI
Step 2: Create a loopback interface on the FortiSwitch with the steps below.
In the example below, the FortiSwitch loopback interface address is 192.168.200.10/32.
config system interface
    edit loopback
        set ip 192.168.200.10 255.255.255.255
end
Step 3: Once the interfaces are created, create a static route on the FortiGate for the FortiSwitch loopback address via the FortiLink interface, with the FortiSwitch IP address as the gateway. The route is necessary because the loopback interface does not have any VLAN ID to attach to.
In the example below, 10.255.1.2 is the IP address of the switch where the loopback interface is configured.
Step 4: Make sure firewall policies are in place to pass traffic between the interfaces, and disable NAT.
Now, try to ping the FortiSwitch loopback interface from the FortiGate, sourcing the ping from the FortiGate loopback interface: source 192.10.10.1, destination 192.168.200.10/32 on the FortiSwitch.
From FortiSwitch:
S148EN5919-----4 # execute ping 192.10.10.1
--- 192.10.10.1 ping statistics --- |
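Steps 3 and 4 on the FortiGate CLI, as an added example that is not part of the original article. It assumes the FortiLink interface is named "fortilink" and that testloopback already exists with ping access allowed; the address object and policy names are hypothetical, and the policies are scoped to the two loopback addresses and PING rather than all traffic.

```fortios
# Added example. Assumed: FortiLink interface "fortilink"; object/policy names are hypothetical.
config router static
    edit 0
        set dst 192.168.200.10 255.255.255.255
        set gateway 10.255.1.2
        set device "fortilink"
    next
end
config firewall address
    edit "fgt-loopback"
        set subnet 192.10.10.1 255.255.255.255
    next
    edit "fsw-loopback"
        set subnet 192.168.200.10 255.255.255.255
    next
    edit "fsw-fortilink"
        set subnet 10.255.1.2 255.255.255.255
    next
end
config firewall policy
    edit 0
        set name "fgt-lo-to-fsw-lo"
        set srcintf "testloopback"
        set dstintf "fortilink"
        set srcaddr "fgt-loopback"
        set dstaddr "fsw-loopback"
        set action accept
        set schedule "always"
        set service "PING"
        set nat disable
    next
    edit 0
        set name "fsw-to-fgt-lo"
        set srcintf "fortilink"
        set dstintf "testloopback"
        set srcaddr "fsw-loopback" "fsw-fortilink"
        set dstaddr "fgt-loopback"
        set action accept
        set schedule "always"
        set service "PING"
        set nat disable
    next
end
execute ping-options source 192.10.10.1
execute ping 192.168.200.10
```

The "fsw-fortilink" source is included on the assumption that a ping issued on the switch without a source option leaves with the switch's FortiLink address rather than its loopback address.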
Copyright 2024 Fortinet, Inc. All Rights Reserved.