Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
jase888
New Contributor

How to change Software Switch to Hardware Switch

I have setup a Fortigate 60E previously where it allowed an interface to select Internal1,Internal2, etc which is basically port1, port 2. This allowed me to set different ports for the different networks running through the firewall.

 

However the latest Fortigate 60E I have acquired has a Software Switch Interface and it only has the option to add internal which is all the ports. How do you split internal up so I can choose specific ports? 

 

I know it can be done as the other firewall (same model) had this.

 

 

1 Solution
Dave_Hall

Edit the internal interface and remove the member ports from this interface.  These removed member ports can be used in whatever new hard/soft interface you want.  Like Toshi indicated, if you are planning to break the exist internal interface you will need to remove all references to this interface.  (On a fresh (as in exec reset) config, I think all you need to do is delete the firewall policy and uncheck the DHCP server option.)

 

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C

View solution in original post

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
5 REPLIES 5
Toshi_Esumi
Esteemed Contributor III

The default "internal" interface on FG60E is a so-called hard-switch, not soft-switch. You just need to remove it under "config sys virtual-switch" to be able to see individual interfaces, like internal1, internal2, etc. But to be able to do that, you have to remove all references, which is using internal, like policlies, dhcp server, zone, vlan, and so on first.

Dave_Hall

Edit the internal interface and remove the member ports from this interface.  These removed member ports can be used in whatever new hard/soft interface you want.  Like Toshi indicated, if you are planning to break the exist internal interface you will need to remove all references to this interface.  (On a fresh (as in exec reset) config, I think all you need to do is delete the firewall policy and uncheck the DHCP server option.)

 

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
jase888

thanks guys did this and got it working now!

Fillage
New Contributor

How do you like this Fortigate 60E? Does it really help the home network be protected?

DanMichellB
New Contributor

Thank you, guys; that helps a lot. I’ve been struggling with installing this firewall for days, and now I can finally see how I can connect several devices to it.
I decided to get Fortigate 60E after my small business got attacked. So, I got this IT consultant company https://www.exposit.com/solutions/healthcare/ to help us establish a more secure and stable system within the company. Now I see that I should have done it long before because there were so many security breaches and ineffective solutions. Hope we will manage to improve and start over.

Labels
Top Kudoed Authors