Description
This article describes how to change the port speed of a FortiGate interface via CLI.
Scope
FortiGate.
Solution.
Configuration.
- The default value for all interfaces is auto-negotiate. This should automatically set the speed for that port appropriate to the speed set on the other network hardware. If this does not happen, edit the configuration using the following CLI commands:
config system interface
edit <interface-name>
set speed <1000full/10000half/100full/100half/10full/10half/auto>
end
Example to check the current speed on the interface and set:
get hardware nic <interface-name>
Note that only some models support gigabit Ethernet speeds. The unit attached should match the settings. If the FortiGate is set to 100Full, the unit on the end should also be set to 100Full.
- The interface speed.
- Auto is the default speed. The interface uses auto-negotiation to determine the connection speed. Change the speed only if the interface is connected to a unit that does not support auto-negotiation.
- 10full, 10 Mbps, full duplex.
- 10half, 10 Mbps, half duplex.
- 100full, 100 Mbps, full duplex.
- 100half, 100 Mbps, half duplex.
- 1000full, 1000 Mbps, full duplex.
- 1000half, 1000 Mbps, half duplex.
Speed options vary for different models and interfaces. Enter a space and a '?' after the speed keyword to display a list of speeds available for your model and interface.
Note:
10G Auto-negotiation is not supported on the SFP28 interface due to limitations in the PHY. Therefore, this cannot be resolved by changing the firmware or any options in FortiGate.
Changing the speed for interfaces that are 4-port switches is impossible. This includes the internal interfaces of FortiGate models 60, 60M, 100A, 200A, and FortiWiFi-60.
This also includes the LAN interface of the FortiGate-500A.
- However, a command in the config system globally allows the internal switch speed to be set.
To configure this use the following CLI commands.
Note:
The below command is only available up to FortiOS 5.4.x.
config system global
set internal-switch-speed
100full 100M Full
100half 100M half
10full 10M Full
10half 10M half
auto auto
- If the ports are part of the internal hardware switch, then it is possible to change it using 'config system virtual-switch'.
config system virtual-switch
edit <name>
config port
edit <name>
set speed [auto|10full|10half|…]
end
Troubleshooting.
For interface diagnostics:
diagnose hardware deviceinfo nic <interface-name>
Changing the port speed on an already aggregated interface is not possible.
Refer to the related article Troubleshooting Tip: FortiGate interface error counters for more information on understanding the output of this diagnostic command.
The following error may appear: 'Interface speed cannot be set for aggregated interfaces. Command fail. Return code -218'. Therefore, it is necessary to remove the interfaces from the aggregation, change the speed, and then add them again to the aggregation.
Related articles:
Config system virtual switch - FortiGate CLI reference.
Configuring port speeds - moved from Public to INTERNAL.
Technical Tip: Configure Ethernet speed, duplex and negotiation settings.
