The network interfaces that are bound to physical ports have three uses:
By default, ports use auto-negotiation to determine the connection speed. In general, you change the speed if the interface is connected to a device that does not support auto-negotiation. If the other device uses a fixed speed/duplex setting, you use the configuration page to set the FortiDDoS network interface speed/duplex to the appropriate matching values.
The interface modules for FortiDDoS 900B/1000B and FortiDDoS 1200B/2000B models have special guidelines. To avoid issues with speed/duplex for these interface modules, please disregard the possible choices and use the required settings shown in Table 74.
Table 74: Speed/Duplex settings
Transceiver/Interface Module | Possible Choices | Required Settings |
---|---|---|
SFP (1 Gbps) | Auto, 1000Mbps Full Duplex | 1000Mbps Full Duplex |
SFP+ (10 Gbps) | Auto, 1000Mbps Full Duplex | Auto |
LC 850nm optical (10 Gbps)* | Auto, 1000Mbps Full Duplex | Auto |
*Available on FortiDDOS 1200B/2000B only. |
Before you begin:
Figure 132: Network interface status page
The Status indicators on the Interface Configuration page display the connectivity status. A green indicator means that the link is connected and negotiation was successful. A red indicator means that the link is not connected or is down. |
Figure 133: Network interface speed/duplex settings page
Figure 134: Management interfaces settings page
Settings | Guidelines |
---|---|
Speed | Select one of the following speed/duplex settings:
|
IPv4/Netmask | Management interfaces only. Specify the IP address and CIDR-formatted subnet mask, separated by a forward slash ( / ), such as 192.0.2.5/24. Dotted quad formatted subnet masks are not accepted. |
IPv6/Netmask | Management interfaces only. Specify the IP address and CIDR-formatted subnet mask, separated by a forward slash ( / ), such as 2001:0db8:85a3:::8a2e:0370:7334/64. Dotted quad formatted subnet masks are not accepted. |
Administrative Access | Management interfaces only. Allow inbound service traffic. Select from the following options:
Note: We recommend that you enable administrative access only on network interfaces connected to trusted private networks or directly to your management computer. If possible, enable only secure administrative access protocols such as HTTPS or SSH. |
CLI commands:
set speed {auto|10half|10full|100half|100full|1000half|1000full}
|