Based on the provided exhibit and the Fortinet Enterprise Firewall 7.6 Administrator curriculum, the architecture shown is a standard FortiLink deployment used to manage FortiSwitch units directly from the FortiGate.
FortiLink Interface (C): The exhibit explicitly shows the configuration of a logical interface designated as a FortiLink interface. This is a specialized Fortinet proprietary management protocol that allows the FortiGate to discover, authorize, and manage FortiSwitch devices. Once FortiLink is established, the FortiGate can manage switch ports, VLANs, and security policies on the switches as if they were local interfaces.
802.3ad Aggregate (A): To provide both redundancy and increased bandwidth, FortiLink is typically configured as an 802.3ad (Link Aggregation) aggregate interface. This allows the FortiGate to use multiple physical ports (in this case, port1 and port2) as a single logical pipe to the switches. In the exhibit ' s configuration snippet, the set type aggregate command is clearly visible, which confirms that an 802.3ad link is being used to facilitate the connection.
Regarding the incorrect options:
Option B is incorrect because SD-WAN is used for steering traffic across multiple WAN paths and is not the protocol used for internal switch management via FortiLink.
Option D is incorrect because while STP/RSTP is active on the FortiSwitches to prevent loops within the switching fabric, the FortiGate does not typically " run " STP on the FortiLink aggregate interface itself; rather, the link aggregation (LACP) and the FortiLink logic handle the path redundancy and loop prevention between the firewall and the managed switches.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit