Not applicable
Created on 09-20-2007 04:43 AM
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Auto negotiation on internal interface 100A
Can anyone advise please ? We have a fortigate 100A and the internal ports only connect to a HP 1GB port switch at 10mb half duplex. There is no way of changing the internal ports to 100mb full so the HP switch cannot be anything but auto negotiation!
8 REPLIES 8
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
From the CLI, check out the following:
FGT 1000a $ config system interface (interface)$ edit port10 (Use your interface name here!!) (port10)$ set speed ? 1000full 1000M full-duplex 1000half 1000M half-duplex 100full 100M full-duplex 100half 100M half-duplex 10full 10M full-duplex 10half 10M half-duplex auto auto adjust speed (port10)$ end FGT 1000a $
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
Bob - self proclaimed posting junkie!See my Fortigate related scripts
at: http://fortigate.camerabob.com
Not applicable
Created on 09-20-2007 05:28 AM
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The 100A has a 4 port switch for its internal interface so the options are not available ! The WAN and DMZ ports being individual can be set as you describe using the CLI.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Is there a way to monkey around with the HP to force 100 MB full?
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
Bob - self proclaimed posting junkie!See my Fortigate related scripts
at: http://fortigate.camerabob.com
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The 100A has a 4 port switch for its internal interface so the options are not available !Indeed.. ' speed' command is not available for interfaces 4-port switches. Two workarounds if you can pull off that unit of production meanwhile: 1) MR5 build has a new option in system global configuration:
config system global set internal-switch-speed {100full | 100half | 10full | 10half | auto} end2) If your 100A unit is a revision 2 unit, you could pass it from ' switch mode' to ' interfase mode' and your internal 4-port switch will turn into 4 individual internal ports Int{1,4} and use ' speed' command as Bob suggested.
regards
/ Abel
regards
/ Abel
Not applicable
Created on 09-20-2007 05:52 AM
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Prior to connecting to the HP 1GB switch we used an Allied Telesyn 10/100. The fortigate connected at 100m full. I have asked for the HP switch to be set to Auto 10/100 negotiate only so will see what that does !
Not applicable
Created on 09-20-2007 06:41 AM
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes, this has been tried but the fortigate still only shows a connection of 10m full. The HP switch shows the connection as 100m full regardless of auto or forced 100m full ?!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I' m sorry to disappoint you, the speed command is not available on individual ports in interface mode. Just tested it.
That leaves the upgrade MR5 and using the set internal-switch-speed or use a DMZ port as an internal. In MR5 you can label the network port via an alias DMZ = internal
Regards, Eric
Rackmount your Fortinet --> http://www.rackmount.it/fortirack
Rackmount your Fortinet --> http://www.rackmount.it/fortirack
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I' m sorry to disappoint you, the speed command is not available on individual ports in interface mode. Just tested it.ok; good point. Thanks for clarify.
That leaves the upgrade MR5 and using the set internal-switch-speed or use a DMZ port as an internal. In MR5 you can label the network port via an alias DMZ = internalExactly; David: Eric' s workaround seems to be more appropiate here.
regards
/ Abel
regards
/ Abel