Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

Fortigate 300 D and Cisco 3750X SFP connection

Hello All,


I'm trying to connect the 300D to a Cisco 3750x to the SFP ports. It has this module C3KX-NM-10G which allows for 2 10GB or 4 1GB connections. G1 is in use and working. I'm using a twinax cable to make the connection, SFP-H10GB-CU1M=. If i plug it into G2 (cisco) and port5 (300D) I get link light on the 300D but not the Cisco. If I put it in G3, I get port error disabled on the Cisco side, usually this is due to a duplex or speed mismatch but I can't force a speed or duplex on these module SFP ports. I have tried setting this up as a trunk line and as just regular access, also tried assigning it an independent IP nothing seems to change. Is the twinax cable the problem or is it a config issue on either side? Anyone else have the 300d working with a twinax cable?




There are two things that are odd about this, first the usage of a 10GB cable and SFP's, while the 300D only has 1GB ports. Secondly, speed is something that can be set to a fixed speed on the FG or did you mean the switch where it is not possible to set?


Also, sometimes other vendor SFP's do not work on a FortiGate and is not recommended as a best practice. I have seen Cisco and Checkpoint SFP's work in a Fortigate, but also a few Cisco SFP's that did not work.


In my experience the FGT SFP or SFP+ ports do not auto-negotiate speed (duplex always is full duplex with fiber). Try to nail it to 1000M, even if the Cisco doesn't support fixed speed on these ports (really?).

Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!

1.) I wasn't sure if the 10GB to 1GB would be the problem or not, I have the same twinax cable being used in a 1GB scenario.


2.) Yes, the switch for some reason on these module ports doesn't have the commands to set the speed. I can set the regular ports on the switch but the SFP module it doesn't let me, I'm still reaching out to cisco see if there is another way.


I will have to go with the recommended if this doesn't work I just had them on hand and its not exactly cheap.


Thanks for the reply


Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Top Kudoed Authors