I know I can set the administrative status of WAN/DMZ ports to down to disable them, but I can only see how to set the entire internal interface up/down. Is there a way to set individual LAN ports down so someone cannot plug into them and access the network?
Fortigate – How to Disable Unused LAN Ports on Fortigate
fortigatefortinet
Best Answer
It's look like that the
internal-switch-mode
is set as switch¹ (by default). That means that all port on the internal interface are configured as they are only one:so, as I understand, if in system global configuration you set:
internal-switch-mode interface
, you shall configure each port independently, so you will able to reconfigure port 1 and 2 then disable the other as @David say.NB Before switching modes, all configuration settings for the interfaces affected by the switch must be set to defaults.²
Ref: