Creating SPAN port on Fortigate By: Brent Klespies

Here is a blog post from a friend and colleague Brent Klespies

I had a customer wondering how to create a SPAN port on a FortiGate to their IDS provider Bricta. Although we provide this feature they are very big on multi-layer security.

Here are the steps to accomplish sending information from a FortiGate to an outside source in a SPAN mode.

First most Entry to Mid-tier products have a pre-configured Soft or Hard Switch on the main ports. Larger models (+1500 series) will already have the ports as independent.  For something like the 400E, you will need to do the following steps (If you do have a larger model skip to step 2)

Network>Interface>LAN

Delete an unused port, and apply the change

Then from the main page, select Create New> Interface

From here give this a name, “SPAN1”, and select the Interface Type as a Hardware Switch.

Next enable the SPAN toggle as shown. You can then choose your source and destination.