Greetings All,
we are trying to establish the connection between FrtiGate1000D and FortiGate 3700D through the Fiber Optic.
and we have checked the connectivity plus the SFP but still, the connection not working between them
the SFP in both sides is 1G and the port has been enabled in both side as auto.
does the lack of license the reason of this issue for the connectivity between the FortiGate.
Please find the attached FYR.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Very doubtful an expired licensing would affected physical connections unless you have firewall policies on the ports with expired UTM policies applied to them.
Are you trying to connect both fgts through a fiber switch or direct-to-direct ports on each fgt? Have you performed diag hardware device info <nic name> on the CLI to see if there is a duplex/speed or any rx/tx errors (do these error counters grow?)
NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
Do you get link lights? Perhaps the fiber needs flipping. (send-send and receive-receive won't work)
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
Thanks rwpatterson,
yes, the light between the Fiber is working fine and SFP in the both FortiGate is 1GB
Thanks Dave for your reply,
we are trying to connect both of FortiGate by direct-to-direct ports on each FortiGate
also, FOC as a physical is working correctly
about the interface port in both FortiGate is configured as 1G (Auto)
Dave,
could you see the below link and explain it to me? does it related to the same subject??
NPU architecture for those models wouldn't affect to "make or break" situations. It just doesn't accelerate as it's capable of. If traffic comes in NPU0 port and encrypted for VPN and goes out NPU1 port, the CPU does the work relaying between them instead of the ASIC.
I would check the counter increments in "diag hard device nic" then run sniffer on the receiving side if they're actually arriving at the incoming port.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1696 | |
1092 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.