FortiGate 7.0 - How to Add a Managed FortiSwitch

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

welcome to today's video today we're going to be talking about how to manage florida switches via the firewall [Music] so let's get started adding our four to switches to our security fabric so if you see in the security fabric menu item physical topology this is going to be where you see the access layer switches and to get started we're going to go to wi-fi and switch controller we're going to forward a link interface and out of the box it has port a and port b on the firewall connected i do not want to automatically authorize devices but i am going to want to do a ford leak split interface because i'm going to create a loop that gives us redundancy so i'm going to hook up the 24 port switch off of port a and then i'm going to chain it to the eight port switch and then i'm going to hook up the a port switch to port b so right now let's go downstairs and let's actually get our links hooked up and we'll see what this looks like all right so we've got these both staged this is plugged into port a on the firewall and i'm going to plug it into port 24 on the switch so when we refresh the screen we can see that port a is now connected to port 24 on that switch and it's picking up one photo switch so we're gonna go to manage for the switches here and we're gonna authorize this switch all right so it took a few minutes for it to come online and the firmware on this is a little bit older so now that it's showing online and managed um i should be able to go into upgrade and we want to upgrade it to 7.0.1 all right so it's doing its thing right now if we look at the logs we can see that the software upgrade completed user for the link restored the image to 7.0 the echo message timed out tunnel went down and then it came back up switch controller connected cath lab tunnel restored now it's back online and we can see that it's on 7.0.1 firmware if we go to the security fabric you can see that it's connected here so the next step that i'm going to do is i'm going to go connect the eight port switch to port 23 of this one all right so we're going to take this small little jumper we're going to connect part 23 to port 8. and we're going to go back upstairs and we're going to see how that looks in the management interface all right so up here in the management interface we did pick up that switch already and if we look at the port information for this switch we can see that it's already established with the ford link connection and the inner switch link so let's authorize it all right so just in the nick of time for me to finish my lunch break the switch has shown up they're both managed so we're going to go into the security fabric we're going to look at the physical topology now there you have it both of these switches are showing up and then once we start adding devices we'll start seeing the tree form and uh the next thing i'm going to do is hook up a link from port 7 of the 8 port switch into port b of the firewall so that there's redundancy built in so we've got this firewall turned a little bit so we can get in here and see and i'm going to plug port b into port 7 here and then later on today we'll go look at what that looks like in the gui all right so it took me a little bit longer than expected to get back to this and one thing that i did have trouble with was when i hooked up that interface b kept going disabled and i was trying to figure out why and in the process of me troubleshooting i figured out that it was this setting right here this fortalink split interface if you read the little pop-up it says connect a four-to-link aggregate interface from 140 gate to more than one for the switch so i thought this is the setting that i need to use i want to hook up two for the switches but it wouldn't automatically create the loop and i found out that that is because by default the fortilink aggregate interface when split interface is enabled only one link remains active so it's essentially doing an active passive so i wanted to turn that off and when i did turn that off i was actually able to see that the fortis switch is stacked successfully with the fortilink and if we go to security fabric it shows them as a fork as opposed to this switch being down link from this one back here on the managed florida switches page you can see the stack um one of the cool things that's in here is that you can set up a reorder so you can put your different tiers in here and reorder them you can even click this button and let fortinet auto arrange your stack i don't know how i feel about that but it's pretty cool feature so i did create a couple networks and uh we're i plugged in an xbox one and the ubiquity access point um so we're going to go to the four to switch ports and we'll show you how to assign that vlan so port one has the ubiquity access point over here and i want its native vlan to be on management and i don't need to give it a media one yet because i don't have anything wireless on that so i'll eventually trunk some uh wi-fi vlans to this thing and i'll put it here and then over here on the other switch has the xbox one so we're gonna make the native vlan for this one media and then this is poe so when you right click this menu here you can do a whole bunch of stuff straight from the gui so you can reset poe you can set the mode if you want to do any of the security policies and we'll get into that stuff later you can even disable the interface so i want to disable this interface and power that down so that i can reset that access point and it can come back up and do its door request and get an ip address and then down here on port 13 we have the xbox so i do not want my xbox to have a whole lot of stuff on it so we are going to disable spanning tree on that port so this is the port view of the switch management interface and then you can also look at it by faceplates and this will help you keep an eye on your poe budget as you start plugging things in you can hover over this and see exactly what's hooked up to it if we switch back to the port view in the magical world of editing i went ahead and created address objects for these and they're physically attached to the security fabric via the switch they have policies to get out to the internet and the xbox is currently watching falcon winter soldier so we should see some information on the topology one device there we go there's the xbox so you can see that it's got its reservation it's got its address object this is its host name that it is telling us hardware operating system firewall switch port and uh it's got 19 sessions you can go through here once you get all this stuff built out this dashboard is going to be really powerful for you you can look at compromised hosts you can look at risks you can do a whole bunch of stuff on this dashboard so look forward to getting more of this built out but in the meantime this is the general overview of how to assign vlans and manage afforda switch via the firewall if you made it to the end of the video i appreciate you go ahead and hit that thumbs up click subscribe and turn on notifications because i'm going to be building out an entire enterprise network and you don't want to miss it catch you on the next video [Music] [Applause] [Music] you

Info

Channel: Connelly Ventures

Views: 571

Rating: undefined out of 5

Keywords: fortigate, fortigate7.0, firewall, dns, dynamicdns, cybersecurity, fortiswitch, fortios, fortios7.0, fortiswitch7.0, fortinet

Id: Ld6rp20oBWs

Channel Id: undefined

Length: 9min 39sec (579 seconds)

Published: Tue Oct 05 2021