Troubleshooting Tip: Verify FortiGate Configuration for SFP Transceivers
Description
Symptoms include associated ports being shown with the link down (red arrow icon) on the FortiGate Web Interface and link lights on the FortiGate device for the associated ports not indicating a link.
In this case, verifying the FortiGate configuration for the associated port is worthwhile.
Solution
edit <interface name>
show full
edit <interface name>
set speed ?
end
Determine the speed and duplex settings of the other peer device terminating the link with the FortiGate's SFP transceiver and configure these settings manually on the FortiGate to match, i.e., to set to 1000M full-duplex, use these CLI commands:
edit <interface name>
set speed 1000full
end
To verify that the speed has been manually set, use the following CLI commands, replacing <interface name> with the actual interface name (i.e., wan1, port1, etc.):
diagnose hardware deviceinfo nic <interface name>
Note:
Ensure the transceiver is connected to the correct SFP+ slot. For example, a Gigabit Ethernet transceiver should be connected to a Gigabit Ethernet SFP+ slot on the FortiGate. Connecting it to a 10 Gigabit Ethernet SFP+ slot will not bring the link up.
When a valid physical link is established over the SFP transceiver, the FortiGate Web Interface should display the link as up (green arrow icon), and the link lights on the FortiGate device for the physical port should indicate an active link.
If the transceiver is connected at both ends, it should emit a laser signal from both sides (transmitter and receiver). To test this, point a cell phone camera at the laser (do not look directly at the laser beam to avoid eye injury). If a laser beam is visible on the transmitter and/or receiver, the optical signal has been established.