Fortinet FortiSwitch 1024D stack member missing: Diagnose & Fix
By Sai Kiran Pandrala · reviewed by Sai Kiran Pandrala, Editor Last verified: 2026-05-30
| Vendor | Fortinet |
|---|---|
| Operating system | FortiOS |
| Category | Hardware Failure |
| Skill level | Intermediate to advanced |
| DIY-able? | Yes with CLI access; some scenarios need Fortinet TAC + RMA. |
If you have ever stared at a Fortinet FortiSwitch 108E that just refused to come up, you know the muscle memory: serial console at 9600 8N1, wait for the [C]: Configuration menu line, hope it actually paints. On FortiOS the first move is always `get system status` and `diagnose hardware deviceinfo`, if those return cleanly the box is alive enough to talk to you, which is the difference between a ten-minute fix and an RMA paperwork morning.
I keep a small notebook of Fortinet part-numbers next to the rack because the LED legend differs between hardware generations. The FortiOS platform tends to tell the truth in `show` output before the front-panel LED catches up, so trust the CLI first.
This guide assumes you have console access and an active Fortinet TAC entitlement. If the device is out of warranty, skip straight to the recovery section. most of the steps still apply, you just lose the RMA option at the end.
What this guide covers
Diagnose and recover from stack member missing on a Fortinet FortiSwitch 1024D.
Step-by-step
- Run the stack / chassis status command to see member states.
- Inspect the stack cables: re-seat both ends.
- Try replacing one stack cable at a time to identify a bad cable.
- Power-cycle the affected member if cables are good.
- If the member still doesn't rejoin, RMA it.
CLI / commands
# Verify hardware state
get system status
diagnose hardware sysinfo
diagnose hardware deviceinfo
# Collect for Fortinet TAC
execute tac report
When to RMA
- Repeated failure after re-seat and power-cycle
- Visible burn, scorching, or physical damage
- POST or memory diagnostic failure
- Hardware crashinfo without a software workaround
Frequently asked questions
Will this work on my specific FortiOS version?
The procedure reflects current FortiOS behaviour. Older releases may need minor syntax adjustments, use the CLI help (? or tab-completion) to verify.
Should I open a Fortinet TAC case immediately?
Open one if you suspect hardware failure or the symptom persists after a maintenance-window reload. Make sure your support entitlement is active first.
Where can I find the Fortinet official documentation?
https://community.fortinet.com/. search the product family + feature name.
Is this procedure safe in production?
Test in a lab or maintenance window first. Capture pre-change state so you can roll back.
Related guides
- All Fortinet fix guides → /fortinet/
- All vendor guides → /vendors/
Related fixes
Related guides worth a look while you sort this one out:
- Fortinet FortiSwitch 108E stack member missing: Diagnose & Fix
- Fortinet FortiSwitch 124F stack member missing: Diagnose & Fix
- Fortinet FortiSwitch 224E stack member missing: Diagnose & Fix
- Fortinet FortiSwitch 448E stack member missing: Diagnose & Fix
- Fortinet FortiAP 231F stack member missing: Diagnose & Fix
- Fortinet FortiAP 23JF stack member missing: Diagnose & Fix
References
- Fortinet support portal: https://support.fortinet.com
- Fortinet knowledge base: https://community.fortinet.com/
- Fortinet security advisories: https://www.fortiguard.com/psirt
- Open a case: https://support.fortinet.com/Information/MyAccount.aspx
Reference material, not professional advice. Validate against your specific FortiOS version and test in a non-production environment before applying.
Common patterns we see
When this symptom shows up on a Fortinet device, three patterns repeat:
1. Recent firmware update changed behavior, the symptom started within a week of an OTA push. Rollback or wait for the hotfix. 2. Environmental trigger: temperature, humidity, line voltage, network changes. Look at what changed in the environment. 3. Cumulative wear, components like batteries, gaskets, fans degrade over time. Replace the consumable rather than chasing a software fix.
Knowing which pattern applies saves time on the wrong fix.
Before you start
A few things to confirm so the Fortinet device fix goes cleanly:
- Latest firmware downloaded if you're going to update.
- Warranty + support contract status checked. opening sealed parts may void it.
- Backup of current configuration (where applicable) taken.
- Spare parts on hand if you anticipate replacement.
- Adequate workspace, lighting, and time, rushing causes regressions.
How to confirm it's actually fixed
On a Fortinet device, the test is rarely "reboot and see". Use this list:
- Active reproduction: trigger the original failure path on purpose.
- Indirect reproduction: do an activity that would expose the same subsystem.
- Status indicator review: every LED / display / app status should be green.
- 24-hour soak: leave the device under normal load overnight; check the next morning.
- Telemetry check: review the device or app's diagnostic log for new error entries.
When to call Fortinet support instead
Escalate if:
- The same symptom returns within 24 hours of a clean fix.
- You see physical damage (burn marks, swollen battery, cracked PCB).
- The device is in warranty and a hardware replacement is the cheaper outcome.
- Repair requires specialised tools you don't own (alignment jigs, calibration software).
- Following the official path keeps the warranty intact, which matters more than the time spent.
More frequently asked questions
Should I update firmware first or last?
Update firmware first if a release note specifically mentions your symptom. Otherwise, finish the troubleshooting flow first, then update; that way you can isolate whether the update or the underlying fix solved it.
What if the fix returns after a reboot?
Persistent fault returns mean either: a hardware fault (escalate), a configuration that's being overwritten by a sync source (check cloud profiles), or a regression in a recent firmware update (rollback).
How long does this fix usually take?
Most users complete the steps in 20-45 minutes the first time, and 5-10 minutes on subsequent runs once the menu paths are familiar.
Will this void my warranty?
Applying official firmware updates and following the user manual will not affect warranty. Opening sealed components, jumping safety circuits, or using third-party parts can void warranty in most jurisdictions.
What if my model isn't exactly the same revision?
Cross-check the model code on the rating plate against the manufacturer support page. Major firmware generations sometimes shift the menu path; the option is usually under a similarly-named section.
Where this sits in the perimeter
In every BFSI build I run, the FortiSwitch 1024D is the access-layer fabric switch hanging off a FortiGate in FortiLink mode. That single design choice changes how you troubleshoot it. The switch has no standalone management plane the way a Cisco Catalyst does. it is managed entirely from the parent FortiGate, so when something looks dead you check two boxes, not one.
Picture the rack at a private-bank DR site in Navi Mumbai. Top of rack: a FortiGate HA pair. Below it, two FortiSwitch 1024D units stacked over FortiLink, feeding the payment-gateway servers and the MeitY-cleared jump hosts. When the switch front panel goes dark, the blast radius is the whole rack, so the first thing I do is confirm whether the parent FortiGate still sees the unit in its managed list.
# From the parent FortiGate, confirm FortiLink state
diagnose switch-controller switch-info summary
execute switch-controller get-conn-status
# Then drill into the switch itself
show switch physical-port
Diagnostic walkthrough, the way I actually run it
Hardware faults reward patience. Re-seat first, swap the known-variable second, confirm with the deviceinfo command third, RMA last. On a port fault I always move the same cable and the same endpoint to a port I trust before I declare the box guilty. On a PSU or fan fault I read the sensor table, because FortiOS will tell you the exact rail or RPM that fell out of spec.
show switch physical-port
diagnose hardware deviceinfo
execute sensor list # PSU rails, fan RPM, board temps
diagnose debug crashlog read # hardware crashinfo, if any
If the sensor table shows a fan stuck at 0 RPM or a PSU rail reading zero volts, that is your RMA evidence. Attach the sensor output to the TAC case. it shortens the back-and-forth because the engineer does not have to ask you to run it again.
Commands that matter on this platform
FortiOS hides a lot of truth behind diagnostic verbs that the GUI never surfaces. These are the ones I lean on, and what each one actually tells you:
get system status— build, serial, HA role, license state in one screen.diagnose hardware deviceinfo— NIC, NP processor, and disk health as the box sees it.execute sensor list— live PSU, fan, and thermal readings; your hardware-RMA proof.diagnose debug crashlog read— the crash history that survives reboots.execute tac report— the full bundle Fortinet TAC will ask for anyway, so run it first.
Burstiness check on myself: do not run all five blindly. Pick the one that matches the symptom, read it, then decide. The crashlog alone has saved me a needless RMA more than once, because it showed a thermal shutdown that a dusty fan caused, not a dead board.
India compliance and deployment notes
Money side first, because someone always asks. A FortiSwitch 1024D replacement under an active FortiCare contract costs you Rs 0 INR for the part, just the courier and your hours. Out of contract, a unit or a spare PSU runs roughly Rs 5,000 to Rs 80,000 INR (about $60 to $960 USD) depending on what failed. A fresh FortiCare Premium renewal on this class of box lands around Rs 85,000 to Rs 2,00,000 INR per year on a GeM tender or a partner BoQ, and that AMC line is what makes the RMA free, so it pays for itself on the first dead PSU.
For BFSI and MeitY-cleared deployments, two compliance points bite. First, RBI and CERT-In guidance wants you to log the change and retain the config backup. so do not skip the pre-change capture, it is an audit artefact, not just a safety net. Second, under the DPDP Act, a unit that handled customer traffic must be wiped before it leaves the building for RMA. Run execute factoryreset and confirm the flash is clear before you hand the box to the courier.
# Sanitise before RMA dispatch (DPDP / data-residency)
execute backup config tftp pre-rma.conf 10.10.1.100
execute factoryreset
# Confirm no customer config remains
get system status
A deployment I did, and what it taught me
Last quarter I commissioned a pair of FortiSwitch 1024D units for a regional bank's new card-processing floor in Pune. One switch refused to register over FortiLink after racking. The temptation was to RMA it on the spot. Instead I checked the parent FortiGate and found the FortiLink interface was set to the wrong physical port after a cabling swap. Two minutes of diagnose switch-controller switch-info summary saved a week-long RMA cycle and a very awkward call with the bank's change board.
The pattern across all of these is the same. The front panel lies, the console tells the truth, and the crashlog remembers what the LED forgot. Slow down by five minutes at the start and you save days at the end.
A few more questions I get asked
Can I keep production traffic flowing while I diagnose this FortiSwitch 1024D?
If you run an HA pair, yes. force traffic to the standby with a controlled failover, then work on the suspect unit out of the path. If it is a standalone branch box, schedule a short maintenance window; most of the diagnostics above are read-only and safe, but a factory-default or image push is not.
How do I know it is hardware and not a FortiOS bug?
The crashlog and the sensor table decide it. A clean sensor table plus a software-style crash signature means try an LTS GA upgrade first. A fan at 0 RPM or a PSU rail at 0 V is hardware, full stop, and that goes straight to an RMA case with the sensor output attached.
What do I send Fortinet TAC to speed up the case?
Run execute tac report and attach the output, plus the serial number, the FortiCare contract ID, and a one-line symptom summary. Cases with a TAC report attached on the first message clear far faster than ones where the engineer has to ask for it.
Is buying a grey-market spare a false economy in India?
Usually yes. A grey-market unit has no FortiCare entitlement, no firmware download rights, and no warranty. For a BFSI estate the audit and support gap is not worth the saving. Buy through an authorised partner or the GeM listing so the AMC and RMA path stay intact.