Hi guys,

I have problem with STP forward through SFP ports on FortiGateRugged 30D's in transparent mode. I'am using few of these devices connected in simple ring topology through SFP ports. Problem is, that I can't pass STP packets through SFP interface. There is no problem with STP, when I create ring on HARD-SWITCH (LAN), but problem is distance between them, so I need to use optics. Devices are in transparent mode, firewall - permit all from * to * , with stpforward and l2forward enabled. When I capturing SFP ports traffic by wireshark, can't see any STP packet. From what I have read, this have to be enough for correct STP forward. Did I miss something? Is this a "feature" or a bug? Does it have anything to do with SFP ports, which are "separate" interfaces?

EDIT: Same problem, when I set metalic interfaces as physical (exclude from hard-switch) - no STP forward.

Here is my config of interfaces, TY for your help. Brendon.

config system interface     edit "modem"         set vdom "root"         set type physical         set snmp-index 1     next     edit "sfp1"         set vdom "root"         set allowaccess ping https ssh http         set l2forward enable         set stpforward enable         set type physical         set role lan         set snmp-index 3     next     edit "sfp2"         set vdom "root"         set allowaccess ping fgfm         set l2forward enable         set stpforward enable         set type physical         set role lan         set snmp-index 4     next     edit "lan"         set vdom "root"         set allowaccess ping https ssh http fgfm capwap         set l2forward enable         set type hard-switch         set stp enable         set role lan         set snmp-index 5     next end