Skip to main content
shorn1
shorn1
New Member
February 10, 2015
Question

FortiGate 60C WAN Interface Speed only 100Mbit Fullduplex

  • February 10, 2015
  • 4 replies
  • 76757 views

Hi!

As I see, the FortiGate 60C should have a WAN Interface that is 10/100/1000 Fullduplex compatible.

In this document its written that it should be this way: http://www.fortinet.com/sites/default/files/productdatasheets/FortiGate-60C.pdf

 

But my WAN Interfaces seems to be only 100Mbit/Fullduplex.

So.. what is true and what speed should my Interface have?

Has anybody the same "problem"?

    4 replies

    Dave_Hall
    Dave_Hall
    New Member
    February 10, 2015

    Depends on what speed/duplex the device on the other end of the WAN connection(s) supports.

     

    If there is a duplex/speed negotiating issue, it may show up if you perform a diag hardware deviceinfo nic <WAN interface> on the CLI and check for errors. 

     

    You can of course, force the duplex/speed on an interface by the follow on the CLI...

     

    config system interface edit "WAN1" set speed 1000full next exit

     

    shorn1
    shorn1Author
    New Member
    February 10, 2015

    Dave Hall wrote:

    Depends on what speed/duplex the device on the other end of the WAN connection(s) supports.

     

    If there is a duplex/speed negotiating issue, it may show up if you perform a diag hardware deviceinfo nic <WAN interface> on the CLI and check for errors. 

     

    You can of course, force the duplex/speed on an interface by the follow on the CLI...

     

    config system interface edit "WAN1" set speed 1000full next exit

     

    The device and the cable of the other side support 1000/fullduplex. Never had Problems with older router or firewall with the same device on the other side.

     

    I cant set it via CLI, the highest speed I can configure is 100/fullduplex.

    Output from Console:

    command parse error before 'speed'
    Command fail. Return code -61

     

    When I execute the same command with set speed 100full all goes fine.

     

    The Command set speed 1000full does not work, when a cable is patched or not. The same Problem is with the WAN2 and DMZ Port.

     

    Now I configured the FortiGate to Change the mode from Switch to Interface.

    I put the interface5 as "WAN" Port and Voila! 1000Gigbait/Fullduplex (with same device and cable) works.

     

    I think that the document is wrong or my device have a older Interface?!

    hamidfx
    hamidfx
    New Member
    December 29, 2016
    shorn1 wrote:
      The device and the cable of the other side support 1000/fullduplex. Never had Problems with older router or firewall with the same device on the other side.   I cant set it via CLI, the highest speed I can configure is 100/fullduplex. Output from Console: 
    command parse error before 'speed'
    Command fail. Return code -61
      When I execute the same command with set speed 100full all goes fine.   The Command set speed 1000full does not work, when a cable is patched or not. The same Problem is with the WAN2 and DMZ Port.   Now I configured the FortiGate to Change the mode from Switch to Interface. I put the interface5 as "WAN" Port and Voila! 1000Gigbait/Fullduplex (with same device and cable) works.   I think that the document is wrong or my device have a older Interface?!
      Hello, I have same problem and I solved it! Just delete software switch from interface and make split internal lan and wifi. All Wan ports are 1Gbit connections but this software slow down them. Now I have 1Gbit full-duplex in Wan1. Thanks!   Hamed
    vjoshi_FTNT
    Staff
    vjoshi_FTNT
    Staff
    February 11, 2015

    Hello,

     

    The datasheet which you are referring to is for the new units(higher revision)

     

    - On the older units(revision : 1 or 2), the wan interface only support 100 full duplex.

     

    So, verify which revision is your 60C is and if it is not the latest, then the WAN interfaces of your FGT60C support only 100Full.

     

    Hope that helps.

     

     

    ede_pfau
    SuperUser
    ede_pfau
    SuperUser
    February 11, 2015

    But...it isn't easy to determine the hardware revision on a FGT!

    You might look for a "Pxxx" number on the sticker on the bottom of the FGT, and maybe FTNT can decode that for you.

     

    Besides, you have found the solution to your problem already: use one of the 'internal' ports after splitting up the switch. These are 1000 Mbps (a '1000Gigabit/s' port on a desktop model is still in the works...). The designation as 'internalX' is just a label, there is no functionality connected to the labels.

    Dave_Hall
    Dave_Hall
    New Member
    February 11, 2015

    Even though the WAN device itself is capable of connecting at 1gb, unless the data transfer rate is over 100 MB or higher, I doubt you'll be losing out that much by setting the WAN port connect to 100 full duplex. 

     

    shorn1
    shorn1Author
    New Member
    February 11, 2015

    Dave Hall wrote:

    Even though the WAN device itself is capable of connecting at 1gb, unless the data transfer rate is over 100 MB or higher, I doubt you'll be losing out that much by setting the WAN port connect to 100 full duplex. 

     

    I got a Internet Connection of 600Mbit Down and Upstream. That I can easily use to 95%.

    With a WAN Port of 100Mbit I lose a lot of my internet speed.

    emnoc
    emnoc
    New Member
    February 11, 2015

    back to what was suggested, the diag hardware deviceinfo nic wan1 command  or  fnsysctl cat  /proc/net/nicinfo/wan1 will output what's support by the nic chipset

     

    e.g  ( 10/100/1000mbps )

    Broadcom 570x Tigon3 Ethernet Adapter To get more ideals on  broadcom ethernet adapters;http://www.broadcom.com/support/ethernet_nic/faq_drivers.php

    Once again, this is a linux based firewall and uses drivers similar to linux but with a   FTNT touch

     

     

    Terms & ConditionsAccessibility statement