One type of virtual switch is known as a software switch, sometimes known as a soft switch. This type of switch is implemented at the software or firmware level, as opposed to the hardware level. Simplifying communication between devices that are linked to multiple FortiGate interfaces can be accomplished through the utilization of a software switch. Using a software switch, for instance, you are able to position the FortiGate interface that is connected to an internal network on the same subnet as your wireless interfaces. After that, devices on the internal network are able to communicate with devices on the wireless network without the need for any further settings on the FortiGate unit, such as new security policies.

In addition, it may be helpful in the event that you need more hardware ports on a FortiGate unit for the switch operation. If, for instance, your FortiGate unit is equipped with a 4-port switch, WAN1, WAN2, and DMZ interfaces, and you require an additional port, you have the ability to establish a soft switch that accommodates both the 4-port switch and the DMZ interface, all of which are located on the same subnet. These kinds of applications are also applicable to wireless interfaces, virtual wireless interfaces, and physical interfaces, such as those that are associated with the FortiWiFi and FortiAP units.

A software switch operates in a manner that is analogous to that of a hardware switch, namely as a single interface. There is just one IP address assigned to a software switch, and all of the interfaces that make up the software switch are connected to the same subnet. The security policies do not restrict the traffic that is transmitted between the devices that are connected to each interface. Additionally, the policy that governs the traffic that is transmitted into and out of the switch is the same.

Below is the diagram for the software switch lab:-

Fortigate Firewall obtains Management IP address automatically using DHCP.

Lets setup WAN and LAN interfaces through GUI:-