FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
pywong
Staff
Staff
Article Id 196528

Description

For FortiGate models with 10 GE SFP+ and GE SFP ports such as the FortiGate 3200D and FortiGate 3100D, the speed must be configured accordingly for supported SFP transceivers plugged into SFP+ ports.


Solution

Configure 'set speed 1000auto' or 'set speed 1000full' at the interface.

The testing below is performed on a FortiGate 3200D running on firmware version 5.6.


Topology

 
FG3K2D-1 port35 (SFP)---------1G--------(SFP) port35 FG3K2D-2
FG3K2D-1 port36 (SFP+)-------10G-------(SFP+) port36 FG3K2D-2


Test A - Using default settings at SFP+ ports

FG3K2D-1 (port35) # sh full | grep speed
        set speed auto

FG3K2D-1 (port36) # sh full | grep speed
        set speed auto

FG3K2D-2 (port35) # sh full | grep speed
        set speed auto

FG3K2D-2 (port36) # sh full | grep speed
        set speed auto

Note that speed auto is by default

Results

port35 is down, port36 is up
FG3K2D-1 (global) # get hardware nic port35
.
.
========== Link Status ==========
Admin           :up
netdev status   :down
autonego_setting:0
link_setting    :1
link_speed      :10000
link_duplex     :1
Speed           :0
Duplex          :Half
link_status     :Down
.
.

FG3K2D-2 (global) # get hardware nic port35
.
.
========== Link Status ==========
Admin           :up
netdev status   :down
autonego_setting:0
link_setting    :1
link_speed      :10000
link_duplex     :1
Speed           :0
Duplex          :Half
link_status     :Down
.
.

FG3K2D-1 (global) # get hardware nic port36
.
.
========== Link Status ==========
Admin           :up
netdev status   :up
autonego_setting:0
link_setting    :1
link_speed      :10000
link_duplex     :1
Speed           :10000
Duplex          :Full
link_status     :Up
.
.

FG3K2D-2 (global) # get hardware nic port36
.
.
========== Link Status ==========
Admin           :up
netdev status   :up
autonego_setting:0
link_setting    :1
link_speed      :10000
link_duplex     :1
Speed           :10000
Duplex          :Full
link_status     :Up
.
.


Test B: Set port35 to 1000auto
FG3K2D-1 (port35) # sh
config system interface
    edit "port35"
        set vdom "root"
        set type physical
        set snmp-index 35
        set speed 1000auto
    next
end

FG3K2D-2 (port35) # sh
config system interface
    edit "port35"
        set vdom "root"
        set type physical
        set snmp-index 35
        set speed 1000auto
    next
end

Results

port35 is Up
FG3K2D-1 (global) # get hardware nic port35
.
.
========== Link Status ==========
Admin           :up
netdev status   :up
autonego_setting:1
link_setting    :1
link_speed      :1000
link_duplex     :1
Speed           :1000
Duplex          :Full
link_status     :Up
.
.

FG3K2D-2 (global) # get hardware nic port35
.
.
========== Link Status ==========
Admin           :up
netdev status   :up
autonego_setting:1
link_setting    :1
link_speed      :1000
link_duplex     :1
Speed           :1000
Duplex          :Full
link_status     :Up
.
.


Test C: Set port35 speed 1000full

FG3K2D-1 (port35) # sh
config system interface
    edit "port35"
        set vdom "root"
        set type physical
        set snmp-index 35
        set speed 1000full
    next
end

FG3K2D-2 (global) # sh sys interface port35
config system interface
    edit "port35"
        set vdom "root"
        set type physical
        set snmp-index 35
        set speed 1000full
    next
end

Results

port35 is Up
FG3K2D-1 (global) # get hardware nic port35
.
.
========== Link Status ==========
Admin           :up
netdev status   :up
autonego_setting:0
link_setting    :1
link_speed      :1000
link_duplex     :1
Speed           :1000
Duplex          :Full
link_status     :Up
.
.

FG3K2D-2 (global) # get hardware nic port35
.
.
========== Link Status ==========
Admin           :up
netdev status   :up
autonego_setting:0
link_setting    :1
link_speed      :1000
link_duplex     :1
Speed           :1000
Duplex          :Full
link_status     :Up
.
.
Contributors