Hi!
As I see, the FortiGate 60C should have a WAN Interface that is 10/100/1000 Fullduplex compatible.
In this document its written that it should be this way: http://www.fortinet.com/sites/default/files/productdatasheets/FortiGate-60C.pdf
But my WAN Interfaces seems to be only 100Mbit/Fullduplex.
So.. what is true and what speed should my Interface have?
Has anybody the same "problem"?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Depends on what speed/duplex the device on the other end of the WAN connection(s) supports.
If there is a duplex/speed negotiating issue, it may show up if you perform a diag hardware deviceinfo nic <WAN interface> on the CLI and check for errors.
You can of course, force the duplex/speed on an interface by the follow on the CLI...
config system interface edit "WAN1" set speed 1000full next exit
NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
Dave Hall wrote:Depends on what speed/duplex the device on the other end of the WAN connection(s) supports.
If there is a duplex/speed negotiating issue, it may show up if you perform a diag hardware deviceinfo nic <WAN interface> on the CLI and check for errors.
You can of course, force the duplex/speed on an interface by the follow on the CLI...
config system interface edit "WAN1" set speed 1000full next exit
The device and the cable of the other side support 1000/fullduplex. Never had Problems with older router or firewall with the same device on the other side.
I cant set it via CLI, the highest speed I can configure is 100/fullduplex.
Output from Console:
command parse error before 'speed'
Command fail. Return code -61
When I execute the same command with set speed 100full all goes fine.
The Command set speed 1000full does not work, when a cable is patched or not. The same Problem is with the WAN2 and DMZ Port.
Now I configured the FortiGate to Change the mode from Switch to Interface.
I put the interface5 as "WAN" Port and Voila! 1000Gigbait/Fullduplex (with same device and cable) works.
I think that the document is wrong or my device have a older Interface?!
shorn1 wrote:Hello, I have same problem and I solved it! Just delete software switch from interface and make split internal lan and wifi. All Wan ports are 1Gbit connections but this software slow down them. Now I have 1Gbit full-duplex in Wan1. Thanks! Hamed
The device and the cable of the other side support 1000/fullduplex. Never had Problems with older router or firewall with the same device on the other side. I cant set it via CLI, the highest speed I can configure is 100/fullduplex. Output from Console:command parse error before 'speed'When I execute the same command with set speed 100full all goes fine. The Command set speed 1000full does not work, when a cable is patched or not. The same Problem is with the WAN2 and DMZ Port. Now I configured the FortiGate to Change the mode from Switch to Interface. I put the interface5 as "WAN" Port and Voila! 1000Gigbait/Fullduplex (with same device and cable) works. I think that the document is wrong or my device have a older Interface?!
Command fail. Return code -61
Hello,
The datasheet which you are referring to is for the new units(higher revision)
- On the older units(revision : 1 or 2), the wan interface only support 100 full duplex.
So, verify which revision is your 60C is and if it is not the latest, then the WAN interfaces of your FGT60C support only 100Full.
Hope that helps.
But...it isn't easy to determine the hardware revision on a FGT!
You might look for a "Pxxx" number on the sticker on the bottom of the FGT, and maybe FTNT can decode that for you.
Besides, you have found the solution to your problem already: use one of the 'internal' ports after splitting up the switch. These are 1000 Mbps (a '1000Gigabit/s' port on a desktop model is still in the works...). The designation as 'internalX' is just a label, there is no functionality connected to the labels.
Even though the WAN device itself is capable of connecting at 1gb, unless the data transfer rate is over 100 MB or higher, I doubt you'll be losing out that much by setting the WAN port connect to 100 full duplex.
NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
Dave Hall wrote:Even though the WAN device itself is capable of connecting at 1gb, unless the data transfer rate is over 100 MB or higher, I doubt you'll be losing out that much by setting the WAN port connect to 100 full duplex.
I got a Internet Connection of 600Mbit Down and Upstream. That I can easily use to 95%.
With a WAN Port of 100Mbit I lose a lot of my internet speed.
back to what was suggested, the diag hardware deviceinfo nic wan1 command or fnsysctl cat /proc/net/nicinfo/wan1 will output what's support by the nic chipset
e.g ( 10/100/1000mbps )
Broadcom 570x Tigon3 Ethernet Adapter To get more ideals on broadcom ethernet adapters;http://www.broadcom.com/support/ethernet_nic/faq_drivers.php
Once again, this is a linux based firewall and uses drivers similar to linux but with a FTNT touch
PCNSE
NSE
StrongSwan
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1731 | |
1099 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.