FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Description The purpose of this document is to explain the split port capability on the FortiController 59x3C Scope FortiController 5.2
Solution The FortiController 5903C/5913C supports the split port feature: - 5903C has 4 40G ports. Each 40G port can be split in 4x10G. - 5913C has 2 100G ports. Each 100G port can be split in 10x10G.
The following command can be used to enable the split port:
# conf sys global (global)# set fabric-front-port-10g-mode enable WARNING: Enabling fabric channel front port 10G mode will clear the existing interface configuration and reboot system. Do you want to continue? (y/n)y (global)# end The system is going down for reboot. Please wait…
If the Fortigate worker blades were already in FortiController mode, they will get the parent and the split interfaces. When a FortiGate worker joins the SLBC, the FortiController advertises the front port list through the management heartbeat. These interfaces are added to the FortiGate configuration.
Note: If the split port is not enabled on the FortiController end, the FortiGate will add fctrl/f1 and fctrl/f2 to the configuration (in case of a FortiController 5913C).
Note: If the split port is enabled on the FortiController, the FortiGate will add fctrl/f1-1, fctrl/f1-2 ... fctrl/f1-10, fctrl/f2-1 ... fctrl/f2-10, but the parent interfaces (fctrl/f1 and fctrl/f2) will not be deleted. These interfaces will remain in the FortiGate configuration, causing internal mapping conflict upon reboot.
Warning : In order to avoid such issues, the Fortigate workers must be factory reset.
FG-5KD3915800467 (global) # exe factoryreset This operation will reset the system to factory default! Do you want to continue? (y/n) y
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.