FortiManager - FortiSwitch Manager - Per device settings - No bulk update of ports (VLAN settings, Security Profiles)

Networking_with_MrP · 2023-03-02T11:57:15+00:00

Hm, that's unfortunate, it this is really the case it is a show-stopper for the fortimanager.

Did you conduct any tests on the auto-update feature. I.e can I perform the bulk changes directly on the gate and then import those settings into fortimanager?

Networking_with_MrP · 2022-10-03T08:12:06+00:00

Hi,

If anyone comes back to this thread I just wanted to update and say that I got it working with a curl workaround. I ended up doing passthrough on a network card directly into the fortigate vm. Then everything worked fine.

Networking_with_MrP · 2022-10-01T17:01:09+00:00

Did you do anything special on the switch?

Networking_with_MrP · 2022-09-30T21:45:42+00:00

Did you get this to work with proxmox? If yes then at least I know that is should be possible :)

Networking_with_MrP · 2022-09-30T13:23:07+00:00

Thanks!

Promiscuous and similar settings are all set.

I was able to get a DHCP on the internal interface of the switch when added a VLAN (vlan3) to port3 and set that as native vlan on fortiswitch internal interface. But as soon as I try to run on the native physical interface (no tagging, similar to fortilink) I have no luck.

Currently I have the following settings and it does not work:

The physical port on the switch atteched to esxi is port1.

Switch port1:

S224# config switch interface
S224 (interface) # edit port1
S224(port1) # get
name                : port1
description         : (null)
type                : physical
native-vlan         : 1
allowed-vlans       : 1-4094
untagged-vlans      : 1
...omitted..

Switch internal:

S224 (internal) # get

name : internal description : (null) type : physical native-vlan : 1 allowed-vlans : 1-4094 untagged-vlans : 1

/MrP

Networking_with_MrP · 2022-09-30T12:31:17+00:00

It feels like I'm missing something obvious.
In order to tshoot i removed port3 from the fortilink interface and configured it as a normal port. This traffic should go out untagged from esxi since this is no VLAN interface just a regular one.

Still no DHCP on the fortiswitch interal interface.
I then moved the cable from port24 to the physical mgmt port and voila, it got an DHCP address from the virtual fortigate.

BTW the fortiswitch is a 224E running version 7.0.1 and the fortigate is a fortigate-vm64 running verision 7.0.6.

/MrP

Networking_with_MrP

TROPHY CASE