I have a new 201F and I'm trying to connect it to a 548D Fortiswitch using a Fortinet DAC cable. For some reason, I can not get it to maintain a reliable 10Gbps connection. I'm using the SFP+ ports on the switch and either X1 or X on the 201F.
I've tried every combination of port speed and duplex.
I even downgraded BOTH devices from 7.4 to 7.2.5. The downgrade allowed it to work for about 2 days and then it dropped again.
The only reliable link is use transceivers on either end, but I only have 1Gbps connections.
Make sure the DAC (Direct Attach Copper) cable is compatible with both the FortiGate 201F and the FortiSwitch 548D. Also, ensure that the cable is not damaged. Inspect the SFP+ ports on both devices for any signs of damage or dirt. Sometimes, even a small amount of debris can cause issues. Double-check the configuration on both devices. Make sure that the ports are configured correctly for 10Gbps and that there are no conflicting settings. Check the logs on both the FortiGate and FortiSwitch for any errors or warnings that could give you a clue as to what's going wrong.Use built-in diagnostic tools to test the link. This can sometimes provide more information about what's going wrong. If Spanning Tree Protocol (STP) is enabled, it could be causing issues. Try disabling it temporarily to see if that resolves the issue. Ensure that there are no VLAN mismatches that could be causing the issue.
I was using a Fortinet DAC cable which is supposed to be supported on both devices. Since posting this, I am using a different (and shorter) cable. Connection has been working for 24 hours. Will monitor and see if it goes down again. I have also disabled STP.
If switching to a shorter Fortinet DAC cable has shown an improvement, it could indicate a few potential issues:
Cable Length and Quality: The length of DAC cables can be a factor in the reliability of the connection, especially at higher speeds like 10Gbps. As the length increases, the chance of signal degradation also increases. It's possible the original cable was either too long for reliable 10Gbps transmission or was simply defective.
Spanning Tree Protocol (STP): Disabling STP can sometimes resolve connectivity issues, especially if there's a misconfiguration. However, be cautious when disabling STP, especially in environments with potential loop conditions. STP is designed to prevent network loops. If there's a chance of loop formation in your network (like multiple paths between switches), STP is crucial to prevent broadcast storms and network meltdowns.
If the connection remains stable with the shorter cable and no STP, and if you've confirmed there's no chance of network loops, then it seems you've found a solution that works for your environment. However, it's always a good practice to understand the root cause to prevent similar issues in the future or in other parts of your network. If the problem does resurface, given the extensive troubleshooting you've done, reaching out to Fortinet support might be the next best step.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.