Hi all
I have recently purchased a pair of FortiGate 240D but am concerned about the following limit in the maximum values document:
MAC address table size - 200
I plan to run some wireless access points directly into the switch ports of the Fortigates so there will be more than 200 wireless clients and MAC addresses that the unit will need to know about (these will be dynamic ARP entries, not statically defined).
Can anyone clarify what exactly the limit above refers to?
Thanks
Solved! Go to Solution.
Hello,
There is an option to create a static MAC table on Fortigate. The table can hold up to 200 entries.
This command is available in Transparent mode only.
Command Syntax: config system mac-address-table edit <mac-address_hex> set interface <if_name> set reply-substitute <mac-address_hex> end
So, the MAC address table is referring to the above, nothing about the Wireless clients.
Hope that helps
Relax...is says "ARP Table size=10240" for the 200D series.
Maybe someone from FTNT can comment on the meaning of "MAC address table size" as it is distinct from "DHCP Reserved addresses", the only other place where a FGT deals with MAC addresses.
ede_pfau wrote:AFAIK Mac Tables are used by switches, maybe it just means the table the internal switch can hold?Maybe someone from FTNT can comment on the meaning of "MAC address table size" as it is distinct from "DHCP Reserved addresses", the only other place where a FGT deals with MAC addresses.
Hello,
There is an option to create a static MAC table on Fortigate. The table can hold up to 200 entries.
This command is available in Transparent mode only.
Command Syntax: config system mac-address-table edit <mac-address_hex> set interface <if_name> set reply-substitute <mac-address_hex> end
So, the MAC address table is referring to the above, nothing about the Wireless clients.
Hope that helps
@gschmitt:
That's what the ARP table is used for. So 10k entries for a FG-200D.
MAC address substitution is "nice to have" but IMHO rarely used. Must look up what it's meant for...
Thanks for this - that answers my question!!
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.