Layer 3 Interfaces
1. Configure Native VLANs for Port1 & Port2. Also configure “internal” interface to allow the native VLANs for Port1
and Port2.:
config switch interface
edit port1
set native-vlan 4000
edit port2
set native-vlan 2
edit internal
set allowed-vlans 2, 4000
end
2. Create L3 system interfaces that correspond to port 1 (VLAN4000) and Port 2 (VLAN2):
config system interface
edit vlan4000
set ip 192.168.11.1/24
set vlanid 4000
set interface internal
set allowacess ping ssh telnet
next
edit vlan2
set ip 192.168.10.1/24
set vlanid 2
set interface internal
set allowacess ping ssh telnet
end
3. Configure static routes, so that the switch will know how to route between the two VLANs:
config router static
edit 1
set dst 192.168.10.0/24
set device vlan2
next
edit 2
set dst 192.168.11.0/24
set device vlan4000
end
Viewing SVIConfiguration
Display the status of SVIconfiguration using following command:
show system interface [ <sytem interface name> ]
Routed Interfaces
A routed port is a physical port on a switch that acts like a port on a router. It supports all routing protocols and
terminates Layer 2 completely. It does not support VLAN sub-interfaces and it is not associated with a VLAN. A
routed port typically connects to either a server or a router (a Layer 3 device).
The routed port is associated with a subnet.
The main reason to use a routed interface is to simplify the network topology.
41
FortiSwitchOS-3.2.0
