Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
DannyV
New Contributor

Fortigate 50G-SFP, Dual WAN

Hi, 

The Fortigate 50G-SFP documentation does not specify whether the SFP port can function as a secondary WAN. Does anyone have information about this?

 

Thanks!

1 Solution
johnathan

The only real difference between interfaces, apart from the label, is how the ports are hooked up to the NPU.
For example, on larger units the HA or MGMT ports are not NPU accelerated. You probably shouldn't use these for heavy traffic, but you can do it if you want.
Generally, all SFP and general ports are always NPU accelerated.

You can refer to the fastpath document to confirm this for each model.
See this for the 50G: https://docs.fortinet.com/document/fortigate/7.0.12/hardware-acceleration/201529/fortigate-50g-and-5...
For this model, all ports are NPU accelerated and there will not be any difference when configuring one of those ports as a second WAN link. 

"Never trust a computer you can't throw out a window."

View solution in original post

6 REPLIES 6
johnathan
Staff
Staff

You can use whatever port you want for the WAN, FortiOS does not place any restrictions for this. 

"Never trust a computer you can't throw out a window."
DannyV

Thanks for the response.  I noticed that many Fortigate models, like the 50G-SFP-PoE model includes two WAN ports.  What's the difference between this and, for example, a SFP port as a secondary WAN? Any limitations?  Can be used in a SD-WAN?

johnathan

The only real difference between interfaces, apart from the label, is how the ports are hooked up to the NPU.
For example, on larger units the HA or MGMT ports are not NPU accelerated. You probably shouldn't use these for heavy traffic, but you can do it if you want.
Generally, all SFP and general ports are always NPU accelerated.

You can refer to the fastpath document to confirm this for each model.
See this for the 50G: https://docs.fortinet.com/document/fortigate/7.0.12/hardware-acceleration/201529/fortigate-50g-and-5...
For this model, all ports are NPU accelerated and there will not be any difference when configuring one of those ports as a second WAN link. 

"Never trust a computer you can't throw out a window."
DannyV

I thought I needed the SFP because the Fortigate 50G only has one WAN port. It's good to know that I don’t need the SFP since I can just convert one of the LAN ports into a second WAN.

 

Given your previous explanation, why does Fortinet identify only the PoE version as dual WAN, when other models in the same 50G series can also be configured for dual WAN? In the screenshot I attached you can see they identify some models with one hardware accelerated WAN ports and other models with two.  I think they do the same with the 30G and 40F.  Any reason for this?

Fortigate 50G Specs Comparison.png

johnathan

I had a look at the schematic for the 50G-SFP vs the 50G-SFP-POE, it looks like for the POE version the RJ45 WAN port is not in the same physical switch as the rest of the RJ45 ports. I think the only tangible difference to the end user would be that you cannot add all 4 RJ45 ports into a hardware switch, whereas the non-POE would be fine with you doing this. 

"Never trust a computer you can't throw out a window."
DannyV

That makes sense. 

 

Thanks!...

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors