Fortinet FortiSwitch-28C Administration Manual
  1. Manuals
  2. Brands
  3. Fortinet Manuals
  4. Switch
  5. FortiSwitch-28C
  6. Administration manual

Fortinet FortiSwitch-28C Administration Manual

Fortiswitch standalone mode
Hide thumbs
Table of Contents

Advertisement

Quick Links

FortiSwitch Standalone Mode
Administration Guide

Advertisement

Table of Contents
loading

Related Manuals for Fortinet FortiSwitch-28C

Summary of Contents for Fortinet FortiSwitch-28C

  • Page 1 FortiSwitch Standalone Mode Administration Guide...
  • Page 2 Fortinet. For absolute clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinet’s internal lab tests. Fortinet disclaims in full any covenants, representations,and guarantees pursuant hereto, whether express or implied.

  • Page 3: Table Of Contents

    Table of Contents Change Log....................... 4 Introduction....................... 5 Supported Models ....................5 Before You Begin..................... 5 How this Guide is Organized ................... 5 System Settings....................6 Configuring the Management Ports................. 6 Example Configurations..................6 Configuring Static Routing for the Internal Management Port ......10 Ports ........................

  • Page 4: Change Log

    Change Log Date Change Description Sept 19, 2014 Initial release. Page 4...

  • Page 5: Introduction

    Introduction Welcome and thank you for selecting Fortinet products for your network configuration. This guide contains information about the administration of a FortiSwitch unit in standalone mode. In standalone mode, a FortiSwitch is managed by connected directly to the unit, either using the web-based manager (also known as the GUI) or the CLI.

  • Page 6: System Settings

    System Settings This chapter contains information about the initial configuration of your FortiSwitch unit. Configuring the Management Ports Using the web-based manager: First start by editing the default internal interface’s configuration. 1. Go to System > Network > Interface and edit the internal interface. 2.
  • Page 7 Example 1: Port 48 as an inbound management interface Also, the In this example, a physical port is used as an inbound management interface. FortiSwitch in the example has no default VLAN configured to connect its internal interface to any physical port. Figure 1: Using Port 48 of a FortiSwitch-448B unit Port 48 used as an inbound management interface...
  • Page 8 config switch interface edit port48 set native-vlan 4090 set stp-state disabled next edit uplink1 next edit uplink2 next edit internal set native-vlan 4095 set allowed-vlans 4090 set stp-state disabled Example 2: Internal interface as an inbound management interface In this example, the internal interface is used as an inbound management interface. Also, the FortiSwitch has a default VLAN across all physical ports and its internal port.
  • Page 9 Example 3: WAN interface as an inbound management port In this example, the WAN interface is used as an inbound management port. Figure 3: WAN interface of a FortiSwitch-28C WAN 2 port used as an inbound management port Syntax config system interface edit wan2 set ip 10.105.142.10 255.255.255.0...

  • Page 10: Configuring Static Routing For The Internal Management Port

    Figure 4: Out of band management on a FortiSwitch-1024D Port 1 used as an Dedicated Ethernet data port MGMT port Syntax config system interface edit mgmt set ip 10.105.142.19 255.255.255.0 set allowaccess ping https http ssh snmp telnet set type physical next edit internal set type physical...

  • Page 11: Ports

    Ports This chapter contains information on configuring your FortiSwitch’s ports. Configuring a Port Mirror Using the web-based manager: 1. Go to Switch > Port > Mirror. 2. Enable Status. 3. Select a Destination Port. 4. Select available ports to be used for Ingress Monitoring and Egress Monitoring. Using the CLI: config switch mirror set dst "port5"...

  • Page 12: 802.1X

    802.1x This chapter contains information on using 802.1x protocol. Authenticating with a RADIUS server 1. Creating a RADIUS user group: config user radius edit <name> set server <address> 2. Creating a user group: config user group edit <name> set member <list> config match edit 1 set group-name <name>...
  • Page 13 1. Creating a RADIUS user group config user radius edit R1 set server “192.160.10.98” next 2. Creating a user group config user group edit 802group set member user1 R1 config match edit 1 set group-name 802group set server-name R1 802.1x Page 13 Managing a FortiSwitch unit with a FortiGate...

  • Page 14: Lacp Mode

    LACP Mode This chapter contains information on using a FortiSwitch in Link Aggregation Control Protocol (LACP) mode. Configuring the Trunk/LAG Ports It is important to configure the trunk to prevent loops. Using the web-based manager: 1. Go to Switch > Switch > Port and select Create Trunk. 2.
  • Page 15 Figure 5: Trunk/LAG ports 1. Configure the trunk 1 interface and assign member ports as a LAG group: config switch trunk edit trunk1 set members "port1" "port2" "port3" set description test set mode lacp-passive set port-selection criteria src-dst-ip 2. Configure the switch ports to have native vlan assignments and allow those vlans on the port that will be the uplink port: config switch interface edit port 1...

  • Page 16: Viewing The Configured Trunk

    3. Configure the trunk 2 interface and assign member ports as a LAG group: config switch trunk edit trunk2 set members "port4" "port5" set description test set mode lacp-passive set port-selection criteria src-dst-ip Viewing the Configured Trunk In order to see the details of a configured trunk, use the following command: diagnose switch trunk list LACP Mode Page 16...

  • Page 17: Tacacs

    TACACS This chapter contains information on using TACACS authetication with your FortiSwitch unit. Administrative Accounts Administrative, or admin, accounts allow access to various aspects of the FortiSwitch configuration. The level of access is determined by the access profile used in the admin account.

  • Page 18: User Accounts

    Using the CLI: config system admin edit tacuser set remote-auth enable set wildcard enable set remote-group <group> set accprofile <profile> User Accounts User accounts can be used to identify a network user and determine what parts of the network the user is allowed to access. Configuring a User Account config user tacacs+ edit <tacserver>...
  • Page 19 1. Configuring a TACACS user account for login authentication: config user tacacs+ edit tacserver set authen-type ascii set authorization enable set key temporary set server tacacs_server 2. Configuring a TACACS user group: config user group edit tacgroup set member tacserver config match edit 1 set server-name tacserver...

  • Page 20: Power Over Ethernet

    Power over Ethernet This chapter contains information on using Power over Ethernet (PoE) with your FortiSwitch. Power over Ethernet is only available on the following models: FortiSwitch-108D-POE, FortiSwitch-124D-POE, FortiSwitch-224D-POE, and FortiSwitch-324B-POE. Enabling PoE on a Port config switch physical-port edit <port> set poe-status enable Determining the PoE Power Capacity To determine the PoE power capacity, use the following command:...

This manual is also suitable for:

Fortiswitch-124dFortiswitch-124d-poeFortiswitch rugged-124dFortiswitch-224d-poeFortiswitch-324b-poeFortiswitch-348b ... Show all

Table of Contents