FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Description This article describes the interface configuration settings needed for the 100G ports to be operational.
Initially, to engage Fortinet’s TAC, it is required to provide the output of the command:
1) # diagnose hardware deviceinfo nic <affected_port> 2) # get system interface transceiver <affected_port> 3) # show system interface <affected_port>
With the output of the above commands, important information regarding the interface’s settings, status and the SFP’s part and can be concluded.
Solution. Initially, it is necessary to confirm FEC [forward-error-correction] is enabled on both sides of the connected units as it is a mandatory requirement for 100G interfaces. Lastly, it is necessary to make sure the correct media type is configured on the interface settings.
For example, if the interface is a CFP2 long range transceiver the below settings is required:
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.