Description
This article describes various ways to detect a PoE fault on a FortiSwitch.
Scope
FortiSwitch-424D-POE v6.2.0 build0200.
A POE error is seen as follows:
FW1 # exec ssh admin@x.x.x.x
get switch poe inline
Unit Power Budget: 240.00W
Unit Guard Band: 19.00W
Unit Power Consumption: 0.00W
Unit Temperature: 0.00 Centigrade
Unit Poe Power Mode : Priority Based.
Interface Status State Max-Power(W) Power-consumption(W) Priority Class Error
------------------------------------------------------------------------------------------------------------
port1 Enabled Fault:4 N/A N/A N/A N/A Power Fault: Error Type 4 all_ports_switch_poe_status:err bad index:4
port2 Enabled Fault:4 N/A N/A N/A N/A Power Fault: Error Type 4 all_ports_switch_poe_status:err bad index:4
port3 Enabled Fault:4 N/A N/A N/A N/A Power Fault: Error Type 4 all_ports_switch_poe_status:err bad index:4
port4 Enabled Fault:4 N/A N/A N/A N/A Power Fault: Error Type 4 all_ports_switch_poe_status:err bad index:4
port5 Enabled Fault:4 N/A N/A N/A N/A Power Fault: Error Type 4 all_ports_switch_poe_status:err bad index:4
port6 Enabled Fault:4 N/A N/A N/A N/A Power Fault: Error Type 4 all_ports_switch_poe_status:err bad index:4
port7 Enabled Fault:4 N/A N/A N/A N/A Power Fault: Error Type 4 all_ports_switch_poe_status:err bad index:4
port8 Enabled Fault:4 N/A N/A N/A N/A Power Fault: Error Type 4 all_ports_switch_poe_status:err bad index:4
Solution
-
Verify if the FortiSwitch Model and switchport supports PoE. Certain FortiSwitch models may only partially support PoE or not support PoE at all.Check the FortiSwitch model datasheet for PoE support information.
- Consider whether this a new unit or if, before this issue, FortiSwitch PoE has worked as expected.
- Consider whether, before this issue, there was any change made on the FortiSwitch or if there was a power-outage that affected it.
- Try resetting PoE on the FortiSwitch with the following command, then test PoE again:
execute switch-controller poe-reset
- Try the following test on the FortiSwitch during a maintenance window and check the PoE status after:
Unplug all cables, gracefully shutdown the FortiSwitch and wait for 15-30 minutes, then power on the device with only a console cable and PSU cord plugged in. Use the following command to execute a graceful shutdown:
execute shutdown
- Try factory-resetting the Switch once:
execute factoryreset
Note:
To avoid loss of configuration settings, download a backup of the FortiSwitch configuration before attempting a factory reset.
-
Check if the FortiSwitch port shows a Power Status fault:
get switch poe inline
diagnose switch poe status port11
Port(11) Power:0.00W, Power-Status code: 5(Fault)
Power-Up Mode: Normal Mode
Power Fault: Error Type 6 (Startup Failure)
Remote Power Device Type: IEEE802.3AF PD
Power Class: 0
Defined Max Power: 16.2W, Priority: Low.
Voltage: 0.00V
Current: 0mA
Temperature: 53.75 Centigrade
- Check if the FortiSwitch hardware status shows an invalid PoE firmware version 0.0.0.0 or 15.15.15.15.
get hardware status
Poe Firmware Version: 0.0.0.0
- Check if the PSU status is bad.
If both PSUs are in the 'BAD' status, fix this as soon as possible, as an issue with the PSU would affect the power supply to PoE ports. If one of the two PSUs is in 'BAD' status and the other is 'OK', in some of the older versions, it could affect the PoE ports. Upgrade to the latest version of 7.0/7.2 for a fix (or ensure both PSUs are in a good state).
diagnose sys psu status
PSU1 is BAD
PSU2 is OK
- Check if running execute log display in FortiSwitch shows PoE warnings as shown below:
1969-12-31 16:02:07 log_id=0101002010 type=event subtype=poe pri=warning vd=root action="poe-debug" user="poed" status="None" msg=" doFailDetail:/bin/poed: time out
1969-12-31 16:02:07 log_id=0101002010 type=event subtype=poe pri=warning vd=root action="poe-debug" user="poed" status="None" msg=" doFailDetail:/bin/poed: time out
- Consider upgrading the affected FortiSwitch to the latest firmware in the v6.4.x or v7.0.x, or v7.2.x. After that, check if the issue persists.
- Disable 'poe-pre-standard-detection' if it is not in use.
The purpose of 'poe-pre-standard-detection' (also called legacy detection or capacitor detection) is to support old PD like the Cisco 794x phone, which was released decades ago. If the user does not have any of these old PDs, keep pre-standard detection disabled (the default option).
There was a bug in FortiSwitchOS v7.0.3 GA where 'poe-pre-standard-detection' is always enabled.
The issue is fixed in FortiSwitchOS v7.0.4 GA. From FortiSwitchOS v7.0.4 and up, 'poe-pre-standard-detection' is disabled by default.
FortiGate CLI (for Managed FortiSwitch units):
config switch-controller managed-switch
edit <FortiSwitch_serial_number>
set poe-pre-standard-detection disable
next
end
FortiSwitch CLI (For Standalone FortiSwitch units):
config switch global
show full
set poe-pre-standard-detect disable
end
- Verify that there are no PSE-PSE port connections on the FortiSwitch.
Two Power Sourcing Equipment (PSE) ports should not be connected in the network, because both sides would try to supply power to each other and cause issues to those ports. To verify if there are any PSE-PSE port scenarios on the switch connections, use the command below from the Managed FortiGate. If there are any PSE-PSE connections, disable the poe status on that port (only) of the FortiSwitch - using the CLI command 'set poe-status disable' for that specific port or from FortiGate GUI under Managed FortiSwitches -> switch -> show ports -> select port -> PoE -> disable.
FortiGate CLI (for Managed FortiSwitch units):
diagnose switch-controller switch-recommendation pse-check <Fortilink interface name>
- If the issue persists, log a ticket with Fortinet Support and attach the following logs from the affected FortiSwitch:
get switch poe inline
diagnose switch poe status
get hardware status
diagnose sys fan status
diagnose sys pcb temp
diagnose sys psu status
show full
diagnose debug report
Related article:
