5420 EXOS automatic VLAN creation when connected to Fortigate Firewall

Nico_Lueck
New Contributor II
Hi all,

today I was setting up a new customer location (Fortigate, 5420 Exos and some APs).
First of all I figured out the Fortigate (LAN1 will be the uplink to 5420 Port 1).
LAN1 of the Fortigate has 4 tagged VLANs.

Now the switch is connected and has the default configuration.
I was wondering why all 4 VLANs which are configured on Fortigate LAN1 are automatically configured on the 5420?

Is there a new feature? 

Already checked some standard features like lldp, but can't figure out where it comes from.

Default FW version is 31.3.1.3 patch1-7

thanks!
1 ACCEPTED SOLUTION

Ludovico_Steven
Extreme Employee
I took a wireshark of an EXOS doing ZTP; see for yourselves.
The switch in question was rebooted with "unconfigure switch".
https://extremenetworks2com-my.sharepoint.com/:u:/g/personal/lstevens_extremenetworks_com/EWnzkG1Blx...

9 REPLIES

Nico_Lueck
New Contributor II
@Ludovico Stevens

great, thanks a lot for the wireshark dump!

Wish you all a very merry Christmas and all the best for 2022!

Regards
Nico

Gabriel_G
Extreme Employee
I Stand Corrected,

Thanks for confirming Ludovico!

Gabriel_G
Extreme Employee

>Is the switch sending a dhcp discover on every vlan (1-4096) and after getting an answer he will create that vlan?

Contrary to Ludovico (no offense, and I could be wrong), my understanding is that EXOS detects attached VLANs based on incoming traffic with VLAN tags, dynamically creates those VLANs and assigns them to relevant ports, and sends a DHCP discover on them.

I can confirm that this will happen regardless of whether the VLAN is tagged or untagged, that is certain.

I'm not sure if the switch actually tests every single VLAN or just detects incoming VLANs, but I believe it is the latter.
