Fortigate Hardware Vs Software Switch Rating: 9,6/10 8142 reviews
  1. Fortigate Software Switch

New feature: FortiGate Hardware Switch Interface Virtual switch feature enables you create virtual switches on top of the physical switch(es) with designated interfaces/ports so that a virtual switch can build up its forwarding table through learning and forward traffic accordingly.

Fortigate Software Switch

Posted by1 year ago
Archived

Ok, so I have a Fortigate 200D POE with 5.4.6 on it.

It currently works with the following config:

Mini cooper diagnostic software Jul 26, 2018 - I've come across several OBD-II software/interface/scan tool offerings on the 'net - do any of them have significant advantages over the others? I haven't used any of the OBDII programs yet. I am A little partial though due to the responses from another car club. Bavarian Technic Diagnostic Tools For BMW and Mini Cooper. Windows Software that allows you to read and reset trouble codes stored in your BMW or Mini. List of Mini (One, Cooper, etc) which are compatible with the norm EOBD (OBD2). List made thanks to the users of our Software EOBD-Facile.

I have a 'hardware switch' with 3 VLANs assigned to it, along with network port 9-16.

These are effectively trunk ports, correct?

9 is attached to a physical switch that is set up with those 3 VLANs in it, and access ports are configured past that to allow for different workstations to be on different VLANs.

I then have ports 10-16 attached to 7 different POE Meraki APs so that each AP knows about each of the 3 VLANs, plus has power, and the assign SSIDs for each VLAN.

This all works. I am not a fan of how it is set up, but that's what I got.

I now am upgrading my network switches, and want to make use of the SFP ports on the FGT and my new switches for a better uplink..

Comparison

I want to add a couple more VLANs to this HW switch (already assigned individually to other hw ports on the FGT), and also assign the DMZ2 port to this HW switch.. I spoke with a FortiGate rep and they said due to a hardware limitation, DMZ ports are not able to be part of that hardware switch.. but they can be part of a virtual switch, and I can then add the hw switch to that vswitch.. and then assign my VLAN configs to that vswitch..

I am going to try that configuration, but I know using vswitches creates unnecessary CPU overhead so I am trying to come up with a better solution.

It's really strange to me that I can't just make VLAN configs and assign them to multiple interfaces.. Once you assign a VLAN to HW switch 1, you cant also assign that same VLAN to SW Switch 1 or HW Port 3 or whatever. right???

Fortigate

My thoughts are to separate my wireless VLANs from my wired VLANs. VLAN20 wired would be 20, and Wireless would be like VLAN21 and so on. That way, I could assign all the wireless VLANs to a HW Switch using port 10-16 and then my wired VLANs all would go on DMZ2 to my physical switches.. does this make sense?

Minus getting POE injectors for my APs (or powering them another way) I don't see any other way to accomplish this.

Anyone have other suggestions?

Thanks!

edit: formatting

22 comments