Matt_B
Staff
Article Id 347976
Description

This article describes a known change in link speed configuration that can cause FortiGate 100F/101F port17-port20 to be down after upgrading to an affected firmware version.

Scope

This issue affects FortiGate-100F/101F upgrading from earlier firmware to any of the following versions: v7.2.8 or later, v7.4.2 or later, v7.6.0 or later.

It also affects upgrades from v7.2.8, v7.4.2, v7.4.3, or v7.4.4 to any later firmware version.
Solution

After upgrading FortiGate-100F/101F from unaffected earlier firmware to an affected version, the speed setting of the shared RJ45/SFP ports 17-20 will be 1000full. This has the same root cause as known issue 989629, which appears in the 7.2.9 Release Notes.

In v7.2.7 and earlier or v7.4.1 and earlier, the default speed configuration of the shared RJ45/SFP ports is 'set speed auto'.


After upgrading to any affected firmware version, the speed of the shared ports will be 1000full. This occurs even if the new firmware version also allows 'set speed auto' for these ports.



Depending on the configuration of the remote side of the link, this change usually does not cause any issues. In some deployments, the change can cause the link to be down after an upgrade or come up with the wrong speed.

Upgrades from v7.2.9 or v7.4.5 to later firmware versions are not affected.

Procedure:

  • Before upgrading, verify that administrative access to the firewall is available through a path that does not depend in any way on port17-port20.
  • After the upgrade, verify the link comes up. If it does not, change the speed setting of the required port(s) to best match the previous configuration.

v7.2.8, v7.4.2-v7.4.4: In these versions, 'set speed auto' is not available.

config system interface
    edit port17
        set speed 1000auto
    next
end

v7.2.9, v7.4.5, v7.6.0 or later:

config system interface
    edit port17
        set speed auto
    next
end


After applying the configuration change, verify that the link comes up as expected. If it does not, reach out to TAC to troubleshoot or revert to the previous firmware version.

This issue also affects upgrades from v7.2.8, v7.4.2, v7.4.3, or v7.4.4 to later firmware versions.
For example, if an administrator applies port17 configuration 'set speed 1000auto' in v7.2.8, the configuration will change again to 'set speed 1000full' after upgrading to v7.2.9.
If the recommended upgrade path includes v7.2.8, v7.4.2, v7.4.3, or v7.4.4, an administrator may need to update the interface configuration after each upgrade where the speed setting changes.

If upgrading to v7.2.8 or v7.4.2-v7.4.4 from earlier firmware, the speed settings may change for other ports, not just the four shared RJ45/SFP ports. For more detail on the potential change see 'Speed options missing in FortiGate 100F 101F'.
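
One way to catch the speed change described above after each upgrade step is to compare configuration backups taken before and after the upgrade. The following Python example is added here and is not Fortinet's code; the sample backups are constructed, and it assumes that an interface with no 'set speed' line is using a default value that the backup does not show.

```python
import re
SHARED_PORTS = {"port17", "port18", "port19", "port20"}  # shared RJ45/SFP ports in the article

def interface_speeds(config_text):
    """Map interface name -> 'set speed' value, or None when the line is absent."""
    speeds, in_block, depth, current = {}, False, 0, None
    for raw in config_text.splitlines():
        line = raw.strip()
        if not in_block:
            in_block = line == "config system interface"
        elif line.startswith("config "):    # nested table such as 'config ipv6'
            depth += 1
        elif line == "end":
            if depth == 0:
                break                       # end of 'config system interface'
            depth -= 1
        elif depth == 0:
            m = re.match(r'edit\s+"?([^"]+?)"?$', line)
            if m:
                current = m.group(1)
                speeds[current] = None      # assumption: absent line = default, not shown
            elif current and line.startswith("set speed "):
                speeds[current] = line.split()[2]
    return speeds

def speed_changes(before_text, after_text):
    """Return (port, old, new, is_shared_port) for interfaces whose speed differs."""
    before, after = interface_speeds(before_text), interface_speeds(after_text)
    return [(p, before[p], after[p], p in SHARED_PORTS)
            for p in before if p in after and before[p] != after[p]]

# Constructed sample backups (not captured from a real device).
BEFORE = '''config system interface
    edit "port16"
    next
    edit "port17"
        set speed auto
        config ipv6
            set ip6-allowaccess ping
        end
    next
    edit "port18"
    next
end'''
AFTER = (BEFORE.replace("set speed auto", "set speed 1000full")
         .replace('edit "port18"', 'edit "port18"\n        set speed 1000full'))

for port, old, new, shared in speed_changes(BEFORE, AFTER):
    print(f"{port}: {old} -> {new}" + ("  (shared RJ45/SFP port)" if shared else ""))
```

Any port reported here is a candidate for the 'set speed' correction shown above for the installed firmware version.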

Related documents:
Resolved Issues FortiOS 7.2.9
Speed options missing in FortiGate 100F 101F
Selecting an alternate firmware for the next boot 
