FortiSwitch not Applying Configuration from FortiGate

24. July 2024 Author: vla Category: Fortinet

Do you have FortiSwitches that do not accept configuration changes made on the FortiGate switch controller? Also, when you run the CLI command ‘execute switch-controller get-conn-status’, do you see the ‘flag’ with a value of ‘E’?

FGT01 # execute switch-controller get-conn-status
Managed-devices in current vdom root:

FortiLink interface : fortilink
SWITCH-ID         VERSION           STATUS         FLAG   ADDRESS              JOIN-TIME            SERIAL
Switch-A     v7.4.2 (801)      Authorized/Up   2E   10.10.10.1       Fri Jul 19 14:17:21 2024    S648FN1X12345678
Switch-B     v7.4.2 (801)      Authorized/Up   2E   10.10.10.2       Fri Jul 19 12:26:19 2024    S648FN1X12345679

         Flags: C=config sync, U=upgrading, S=staged, D=delayed reboot pending, E=config sync error, 2=L2, 3=L3, V=VXLAN, T=tunnel, X=External
         Managed-Switches: 2 (UP: 2 DOWN: 0 MAX: 24)

Try to execute the CLI command “execute switch-controller get-sync-status all”. You may also have the error “REST API login failed with error 60” visible there:

FGT01 # execute switch-controller get-sync-status all
Managed-devices in current vdom root:

FortiLink interface : fortilink
SWITCH-ID (SERIAL)                    STATUS CONFIG         MAC-SYNC       HTTP-UPGRADE
Switch-A (S648FN1X12345678)      Up     Error          Error          -

[1]
 command: https://10.10.10.1:443/api/v2/login
 payload:
 result : REST API login failed with error 60
Switch-B (S648FN1X12345679)      Up     Error          Error          -

[1]
 command: https://10.10.10.2:443/api/v2/login
 payload:
 result : REST API login failed with error 60

We have seen several instances of this problem under FortiOS 7.4.4 and 7.4.5 and you may also be one of the affected customers.

Peter was able to find a solution for the problem and has shared it in the commends below:

config switch-controller system
    set tunnel-mode compatible
end

6 thoughts on “FortiSwitch not Applying Configuration from FortiGate”

Igor 6. September 2024 Reply
Hello
I have the same issue FG60F (7.4.4) + FS224E +FS224e-POE
Waiting for Fortinet Support reply
- vla Post author6. September 2024 Reply
  Dear Igor
  Thank you for your comment on our Blog. We really appreciate your feedback.
  We are looking forward to hear from you if you have any other solutions than the above mentioned downgrade to solve the issue.
  Even if you have an information that is not yet mentioned in our post, please let us know so we can share our experiences.
  Thanks and good luck to solve this issue,
  The Boll Tech team
Peter Bruderer 19. September 2024 Reply
This error is still not fixed in FortiOS 7.4.5
- vla Post author19. September 2024 Reply
  Dear Peter
  Good to know that it’s still not fixed. Thank you very much for this valuable information.
  Kind regards from the
  Boll Tech Team
Peter Bruderer 19. September 2024 Reply
config switch-controller system
set tunnel-mode compatible
end
solves the problem.
- vla Post author19. September 2024 Reply
  Dear Peter
  Very nice to hear, that you were able to solve the issue!
  I will edit this in the article to share this solution.
  Thank you for sharing!
  Best regards from the
  Boll Tech Team

6 thoughts on “FortiSwitch not Applying Configuration from FortiGate”

Leave a Reply Cancel reply

Recent Posts

Sticky

BOLL Links

BOLL Blog RSS Feed

Categories

6 thoughts on “FortiSwitch not Applying Configuration from FortiGate”

Leave a Reply Cancel reply

Recent Posts

Sticky

BOLL Links

BOLL Blog RSS Feed

Tags

Categories