SPAN and FGT30D | Fortinet Technical Discussion Forums

Join us now!

Username
Password
Verification
	Stay logged in

Forgot Your Password? Forgot your Username? Haven't received registration validation E-mail?

User Control Panel Log out

Forums
Posts

Latest Posts

Active Posts

Recently Visited

Search Results

View More
Blog

Recent Blog Posts

View More
Photos

Recent Photos

My Favorites

View More Photo Galleries
PMs

Unread PMs

Inbox

Send New PM View More
Page Extras
Menu
- Forum Themes
- Member List
- Online User List
- User Groups

Videos, Cookbook, KB

Mark Thread UnreadFlat Reading Mode ❐

Hot!SPAN and FGT30D

Author Post Essentials Only Full Version
Shagma Bronze Member Total Posts : 34 Scores: 0 Reward points: 0 Joined: 2010/11/07 04:15:22 Status: offline 2018/10/30 14:15:35 (permalink) 0 SPAN and FGT30D Hi! According to my google searches, SPAN is supported on Fortigates with HW switch. This document: https://docs.fortinet.com/uploaded/files/3621/SWMTX-560-201704-R21.pdf suggests that a FGT30D has a hardware switch and thereby should support SPAN. Still I am not seeing the Hardware type being available from CLI when i go to config system switch-interface: FWF30D (internal) # set type switch Switch. hub Hub. I still tried to configure SPAN on it which it allowed me to do, but I can't get it to work: config system switch-interface edit "internal" set member "lan1" "lan3" "lan4" set span enable set span-dest-port "lan1" set span-source-port "lan4" next Firmware is really old at v5.2.3,build670 Any ideas? Is SPAN really supported on such low end device? #1 5 Replies Related Threads
Toshi Esumi Expert Member Total Posts : 1432 Scores: 129 Reward points: 0 Joined: 2014/11/06 09:56:42 Status: offline Re: SPAN and FGT30D 2018/10/30 14:36:23 (permalink) 0 They changed the software structure some point in 5.2.x related to hardware switch config. But "config system switch-interface" is config for soft-switch. Best chance would be upgrading it to the last 5.2, which is 5.2.13 then remove them from "switch-interface" and configure them under "config system virtual-interface" if the step-by-step upgrade process doesn't automatically convert the "internal" to hard-switch. #2
zhunissov4 Gold Member Total Posts : 256 Scores: 24 Reward points: 0 Joined: 2015/10/12 04:00:01 Status: offline Re: SPAN and FGT30D 2018/10/30 20:55:26 (permalink) 0 Hello, As I know SPAN is supporting only on devices starting from FG-100D , 140D, 200D etc, which has hardware switch interfaces. http://help.fortinet.com/fos50hlp/52data/Content/FortiOS/fortigate-whats-new-52/system.htm#SPAN #3
Toshi Esumi Expert Member Total Posts : 1432 Scores: 129 Reward points: 0 Joined: 2014/11/06 09:56:42 Status: offline Re: SPAN and FGT30D 2018/10/30 21:05:43 (permalink) 0 At least I used SPAN with FG60D or E w/ 5.4.x earlier this year. So I know for sure it works with these models. #4
Shagma Bronze Member Total Posts : 34 Scores: 0 Reward points: 0 Joined: 2010/11/07 04:15:22 Status: offline Re: SPAN and FGT30D 2018/11/01 06:30:06 (permalink) 0 Thanks guys. Will probably try to upgrade the FW and see how it behaves. #5
adogra Bronze Member Total Posts : 30 Scores: 0 Reward points: 0 Joined: 2017/10/10 07:32:00 Status: offline Re: SPAN and FGT30D 2019/01/04 01:58:19 (permalink) 0 Hi Guys. I'm using fortigate 200D firmware 5.4.1 in HA mode. Need to attach Darktrace appliance for network analysis and deep inspection. Could anyone please advice how if I can use fortigate 200 D and span/port mirror to another interface. 2) can I use multiple existing ports like WAN1, other ports in firewall to mirror onto 1 interface in FW. That I can use for deep inspection for appliance? 3) If yes to above query how? #6

Jump to:

© 2019 APG vNext Commercial Version 5.5