This procedure explains how to configure Fortinet FortiGate switches for port mirroring on models with built-in hardware switches (for example, the FortiGate-100D, 140D, and 200D), using the Switch Port Analyzer (SPAN) feature.

Configuration Through the CLI

To configure SPAN through the CLI

1. Enter the following:

config system virtual-switch

edit <port>

set span enable

set span-source-port <port>

set span-dest-port <port>

set span-direction {both | Tx | Rx}

end

end

Configuration Through the Web UI

To configure SPAN through the web UI

1. Go to System > Network > Interfaces.

2. Edit a hardware switch interface.

   By default, the system may have a hardware switch interface called a LAN. You can also create a new hardware switch interface.

   1. Select the SPAN checkbox, then select a source port from which you want traffic mirrored.

   2. Select one of the following:

      • Traffic received
      • Traffic sent
      • Both

See the Knowledge Base article on the vendor website to learn more about configuring port mirroring on Fortinet-FortiGate Switches.