Deutsch dropdown-ico

Fortinet 5003 Bedienungsanleitung

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128

Zur Seite of

Ähnliche Gebrauchsanleitungen

Richtige Gebrauchsanleitung

Die Vorschriften verpflichten den Verkäufer zur Übertragung der Gebrauchsanleitung Fortinet 5003 an den Erwerber, zusammen mit der Ware. Eine fehlende Anleitung oder falsche Informationen, die dem Verbraucher übertragen werden, bilden eine Grundlage für eine Reklamation aufgrund Unstimmigkeit des Geräts mit dem Vertrag. Rechtsmäßig lässt man das Anfügen einer Gebrauchsanleitung in anderer Form als Papierform zu, was letztens sehr oft genutzt wird, indem man eine grafische oder elektronische Anleitung von Fortinet 5003, sowie Anleitungsvideos für Nutzer beifügt. Die Bedingung ist, dass ihre Form leserlich und verständlich ist.

Was ist eine Gebrauchsanleitung?

Das Wort kommt vom lateinischen „instructio”, d.h. ordnen. Demnach kann man in der Anleitung Fortinet 5003 die Beschreibung der Etappen der Vorgehensweisen finden. Das Ziel der Anleitung ist die Belehrung, Vereinfachung des Starts, der Nutzung des Geräts oder auch der Ausführung bestimmter Tätigkeiten. Die Anleitung ist eine Sammlung von Informationen über ein Gegenstand/eine Dienstleistung, ein Hinweis.

Leider widmen nicht viele Nutzer ihre Zeit der Gebrauchsanleitung Fortinet 5003. Eine gute Gebrauchsanleitung erlaubt nicht nur eine Reihe zusätzlicher Funktionen des gekauften Geräts kennenzulernen, sondern hilft dabei viele Fehler zu vermeiden.

Was sollte also eine ideale Gebrauchsanleitung beinhalten?

Die Gebrauchsanleitung Fortinet 5003 sollte vor allem folgendes enthalten:
- Informationen über technische Daten des Geräts Fortinet 5003
- Den Namen des Produzenten und das Produktionsjahr des Geräts Fortinet 5003
- Grundsätze der Bedienung, Regulierung und Wartung des Geräts Fortinet 5003
- Sicherheitszeichen und Zertifikate, die die Übereinstimmung mit entsprechenden Normen bestätigen

Warum lesen wir keine Gebrauchsanleitungen?

Der Grund dafür ist die fehlende Zeit und die Sicherheit, was die bestimmten Funktionen der gekauften Geräte angeht. Leider ist das Anschließen und Starten von Fortinet 5003 zu wenig. Eine Anleitung beinhaltet eine Reihe von Hinweisen bezüglich bestimmter Funktionen, Sicherheitsgrundsätze, Wartungsarten (sogar das, welche Mittel man benutzen sollte), eventueller Fehler von Fortinet 5003 und Lösungsarten für Probleme, die während der Nutzung auftreten könnten. Immerhin kann man in der Gebrauchsanleitung die Kontaktnummer zum Service Fortinet finden, wenn die vorgeschlagenen Lösungen nicht wirksam sind. Aktuell erfreuen sich Anleitungen in Form von interessanten Animationen oder Videoanleitungen an Popularität, die den Nutzer besser ansprechen als eine Broschüre. Diese Art von Anleitung gibt garantiert, dass der Nutzer sich das ganze Video anschaut, ohne die spezifizierten und komplizierten technischen Beschreibungen von Fortinet 5003 zu überspringen, wie es bei der Papierform passiert.

Warum sollte man Gebrauchsanleitungen lesen?

In der Gebrauchsanleitung finden wir vor allem die Antwort über den Bau sowie die Möglichkeiten des Geräts Fortinet 5003, über die Nutzung bestimmter Accessoires und eine Reihe von Informationen, die erlauben, jegliche Funktionen und Bequemlichkeiten zu nutzen.

Nach dem gelungenen Kauf des Geräts, sollte man einige Zeit für das Kennenlernen jedes Teils der Anleitung von Fortinet 5003 widmen. Aktuell sind sie genau vorbereitet oder übersetzt, damit sie nicht nur verständlich für die Nutzer sind, aber auch ihre grundliegende Hilfs-Informations-Funktion erfüllen.

Inhaltsverzeichnis der Gebrauchsanleitungen

  • Seite 1

    FortiSwitch-5003A and 5003 Fab ric and Base Backplane Communications Guide 01-30000-857 17-20081205 MANAGEMENT SYSTEM E1 ZRE LED MODE 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0 E0 OK CLK INT EXT FL T HOT SWAP RESET FL T CONSOLE E T H O R S 2 3 2 Z R E 0 Z R E 1 Z R E 2 FortiSwitch-5003A and 5003 Fabric and Base Backplane Communications Guide This FortiS[...]

  • Seite 2

    FortiSwitch-5003A an d 5003 Fabric and Base Backplane Communi cations Guide 01-30000-85717-20 081205 W arnings and cautions Only trained and qual ified personnel shou ld be allo wed to install or maintain FortiGate-5000 series equipment. Read and comply with all warning s, cautions and notices in this document. • T urning off all po wer switches [...]

  • Seite 3

    Contents FortiSwitch-5003A an d 5003 Fabric and Base Backplane Communications Guide 01-30000-85717-200812 05 3 Contents Warnings and cautions .............. ................ ............. ................ ............. ............. 2 Introduction ....................... .............................. ................... 7 About this document .....[...]

  • Seite 4

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 4 01-30000-85717-200812 05 Contents FortiGate-5050 fabric backpla ne communication ........ 47 Fabric gigabit switching within a chassi s ....................... ................ .............. 48 Fabric channel connecti ons between FortiSwitch-5003A boards .............. 5[...]

  • Seite 5

    Contents FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 5 config ........... ............. ................ ............. ............. ................ ............. ............. .... 92 admin user ................... ............. ............. ................ ............. ............. ....[...]

  • Seite 6

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 6 01-30000-85717-200812 05 Contents[...]

  • Seite 7

    Introduction About this document FortiSwitch-5003A an d 5003 Fabric and Base Backplane Communications Guide 01-30000-85717-200812 05 7 Introduction This FortiSwitch-5003A an d 5003 Fabric and Base Backplane Communication s Guide contains informatio n, instructions an d example configurations for the ba se and fabric backplane channels and inter fac[...]

  • Seite 8

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 8 01-30000-85717-200812 05 Revision history Introduction • FortiGate-5140 and 50 50 base backpla ne communication descr ibes supported configurations and features for Fo rtiGate-5 140 and 5050 chassis base backplane communications. • FortiGate-5020 base backplane commun[...]

  • Seite 9

    FortiSwitch-5003A system FortiSwitch-5003A an d 5003 Fabric and Base Backplane Communications Guide 01-30000-85717-200812 05 9 FortiSwitch-5003A system The FortiSwitch-5003A boa rd provides 10/1-gigabit fabr ic backplane channel layer-2 switch ing and 1- gigabit base b a ckplane channel layer- 2 switching in a dual star architecture fo r the FortiG[...]

  • Seite 10

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 10 01-30000-85717-200812 05 Front panel LEDs and connectors FortiSwitch-5003A system Figure 1: FortiSwitch-5 003A front p anel • One front p anel base backplane 10- gig abit optical or copper SFP+ interface (BASE 10G) that connects to the base backplane channel • Eight [...]

  • Seite 11

    FortiSwitch-5003A system Front panel LEDs and connectors FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 11 LEDs Ta b l e 2 lists and describ es the FortiSwitch-5003A fron t panel LEDs. T able 2: Fo rtiSwitch-5003A front panel LEDs and switches LED St ate Descripti on OOS (Out of Service) Off Norm[...]

  • Seite 12

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 12 01-30000-85717-200812 05 Front panel LEDs and connectors FortiSwitch-5003A system Base channel interfaces Ta b l e 3 lists and describes the FortiSwit ch-5003A base backplane chan nel interfaces. The base backplane i nterfaces are not configurable or visible from th e Fo[...]

  • Seite 13

    FortiSwitch-5003A system Front panel LEDs and connectors FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 13 Fabric channel interfaces Ta b l e 4 lists and describ es the FortiSwitch-5003A fabr ic channel interfaces. Y ou can configure fabric interface settings, group fabric interfaces into trunks,[...]

  • Seite 14

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 14 01-30000-85717-200812 05 FortiSwitch-5003 A configurations FortiSwitch-5003A system Front panel connectors Ta b l e 6 lists and describes the For tiSwitch-5003A front panel connectors . FortiSwitch-5003A configurations Y ou can operate the FortiSwitch-5003A b oard as a f[...]

  • Seite 15

    FortiSwitch-5003A system FortiSwitch-5003A configurations FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 15 Figure 4: FortiSwitch-5003A base channel 1 HA heartbeat co mmunication Fabric 10-gigabit sw itching within a chassis One FortiGate-R TM-XB2 provides 10-gigabit con nections to both FortiGat[...]

  • Seite 16

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 16 01-30000-85717-200812 05 FortiSwitch-5003 A configurations FortiSwitch-5003A system Layer-2 link aggregation a nd redundancy configurations The FortiSwitch-5003A board suppor ts 802.3ad st atic mode layer-2 link aggregation, 802.1q VLANs, and 802.1s Multi-S panning T ree[...]

  • Seite 17

    FortiSwitch-5003 system Front panel LEDs and connectors FortiSwitch-5003A an d 5003 Fabric and Base Backplane Communications Guide 01-30000-85717-200812 05 17 FortiSwitch-5003 system The FortiSwitch-5003 bo ard provides base backplan e interface switching for the FortiGate-5140 ch assis and the FortiG ate-5050 cha ssis. Y ou can use this switching [...]

  • Seite 18

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 18 01-30000-85717-200812 05 Front panel LEDs and connectors FortiSwitch-5003 system Figure 7: FortiSwitch-5003 front panel LEDs Ta b l e 7 lists and describes the For tiSwitch-5003 bo ard front panel LEDs. MANAGEMENT SYSTEM E1 ZRE LED MODE 15 14 13 12 11 10 9 8 7 6 5 4 3 2 [...]

  • Seite 19

    FortiSwitch-5003 system Front panel LEDs and connectors FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 19 About the ZRE n etwork activity LED s The ZRE network activity LEDs show links and network activity for the interfaces and connections listed in Ta b l e 8 . Figure 8: FortiSwitch-5003 ZRE ne[...]

  • Seite 20

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 20 01-30000-85717-200812 05 Base backplane communications FortiSwitch-5003 system Connectors Ta b l e 9 lists and describes the For tiSwitch-5003 fr ont panel connectors . Base backplane communications This section provides a brief introducti on to using FortiSwitch -5003 b[...]

  • Seite 21

    FortiSwitch-5003 system Base backplane communicati ons FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 21 In a single chassis, more than one cluster can use the same base backplane interface for HA heartbeat communication. T o separate heartbeat communication for multiple clusters on the same base[...]

  • Seite 22

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 22 01-30000-85717-200812 05 Base backplane communications FortiSwitch-5003 system[...]

  • Seite 23

    FortiGate-5140 fabric backplane communication FortiSwitch-5003A an d 5003 Fabric and Base Backplane Communications Guide 01-30000-85717-200812 05 23 FortiGate-5140 fabric backplane communication The FortiGate-5140 chassis has two fabric backplane Ethernet ch annels that can operate at 1 Gbps or 10 Gbps. A vailable connections to these channe ls var[...]

  • Seite 24

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 24 01-30000-85717-200812 05 Fabric gigabit switching withi n a chassis F ortiGate-5140 fabric ba ckp lane communication This section describes: • Fabric gigabit switching within a chassis • Fabric channel connecti ons bet ween FortiSwitch-5003A boards • Fabric gigabit[...]

  • Seite 25

    FortiGate-5140 fabric backplane communication Fabric gigabit switching within a chassis FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 25 The chassis can be connecte d to the network usin g any of the FortiGate-50 01A front panel interfaces. Y ou can also conn ect FortiSwitch-5003A front p anel f[...]

  • Seite 26

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 26 01-30000-85717-200812 05 Fabric gigabit switching withi n a chassis F ortiGate-5140 fabric ba ckp lane communication Figure 10: FortiGate-5140 fabric cha nnel 1 and 2 data communication For the FortiGate boards to use the fabric channels 1 and 2 for dat a communication y[...]

  • Seite 27

    FortiGate-5140 fabric backplane communication Fabric channel connections be tween FortiSwitch-5003 A boards FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 27 Fabric channel connections be tween FortiSwitch-5003A boards When two FortiSwitch-5003A boards are inst alled in a single ch assis their fa[...]

  • Seite 28

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 28 01-30000-85717-200812 05 Fabric gigabit switching between chassis For tiGate-5140 fabric backp lane communication The chas sis can be co nnected to the netw ork using an y of the FortiGate f ront panel inte rfaces. Y ou can also connect FortiSwitch- 5003A front p anel fa[...]

  • Seite 29

    FortiGate-5140 fabric ba ckplane communicatio n Fabric gigabit switching to the network FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 29 If the data traffic co ntains VLAN- tagged p ackets, you must add the VLAN tags to the FortiSwitch-5003A interf aces that will handle the VLAN-tagged traffic. [...]

  • Seite 30

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 30 01-30000-85717-200812 05 Fabric gigabit switching to the network Fort iGate-5140 fabric backplane commun ication Figure 12: Fabric chan nel 2 conne cted to an interna l network and fabric channe l 1 connected to an external network For the FortiGate-5001A boards to use t[...]

  • Seite 31

    FortiGate-5140 fabric ba ckplane communication Fabric 10-gigabit switching within a chassis FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 31 Fabric 10-gigabit switching within a chassis All of the FortiSwitch-5003A fabric fro nt pa nel interfaces ar e 10-gigabit inte rfaces and the FortiSwitch-5[...]

  • Seite 32

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 32 01-30000-85717-200812 05 Fabric 10-gigabit switching within a chassi s For tiGate-5 140 fabric backplane communication Figure 13: Example 10-gigabit connectio n between internal and external ne tworks If the dat a traffic con tains VLAN-t agged pa ckets, you mu st add th[...]

  • Seite 33

    FortiGate-5140 fabri c backplane communicat ion Fabric channel layer-2 link aggrega tion FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 33 Fabric channel layer-2 link aggregation FortiSwitch-5003A boards suppo rt 802.3ad static mode layer -2 link aggregati on and 802.1q VLANs for the fabric chan [...]

  • Seite 34

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 34 01-30000-85717-200812 05 Fabric channel layer-2 link aggregation Forti Gate-5140 fabric ba ckplane communication Because the FortiGate-5000 b oards in a lin k aggrega tion configuration oper ate in transp arent mode, any ro uting, VPN or NA T requirement s should be hand[...]

  • Seite 35

    FortiGate-5140 fabri c backplane communicat ion Fabric channel layer-2 link aggrega tion FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 35 The FortiSwitch-5003A co nfiguration consist s of adding a trunk named trunk_6 that aggregates backp lane slots 6 , 8, 9, 10, 1 1, and 13: config switch fabri[...]

  • Seite 36

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 36 01-30000-85717-200812 05 Fabric channel layer-2 link aggregation and redunda nc y FortiGate-5140 fabric ba ckplane communication Y ou must also enable the FortiSwitch-5003A board to listen for hear tbeat packet s on all of the interfaces connected to For tiGate-5001A boa[...]

  • Seite 37

    FortiGate-5140 fabric backplane communication Exam ple active-passive redundant link configu ration FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 37 The configuration of the sp anning tree instances dete rmines whether you create an active-passive or ac tive-active configuration: • For an acti[...]

  • Seite 38

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 38 01-30000-85717-200812 05 Example active-passive redundant link configuratio n FortiGate-5140 fabric ba ckplane communication All of the FortiGate-5001A boards must be oper ating in transparent mode and all must have the same configur ation. In this redundant configuratio[...]

  • Seite 39

    FortiGate-5140 fabric backplane communication Exam ple active-passive redundant link configu ration FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 39 2 Configure the switch to add VLAN tag 103 and 104 to p ackets from the internal networks and VLAN tag 105 and 106 to p ackets from the external ne[...]

  • Seite 40

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 40 01-30000-85717-200812 05 Example active-passive redundant link configuratio n FortiGate-5140 fabric ba ckplane communication 3 Add two spanning tree instances num bered the same as the instan ces added to the switch (3 and 5). Add the VLAN t ags to the instance s and set[...]

  • Seite 41

    FortiGate-5140 fabric backplane communication Exam ple active-passive redundant link configu ration FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 41 Verifying the MSTP configurat ion of the FortiSwitch-5003A board in slot 1 Enter diagnose spanning-tree mst-con fig fabric-channel to display the F[...]

  • Seite 42

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 42 01-30000-85717-200812 05 Example active-passive redundant link configuratio n FortiGate-5140 fabric ba ckplane communication Example configuration for the FortiS witch-50 03A board in slot 2 The FortiSwitch-5003A b oard in slot 2 re quir es the same configuration setting[...]

  • Seite 43

    FortiGate-5140 fabric backplane communication Exam ple active-passive redundant link configu ration FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 43 Example FortiGate- 5001A configuration All of the FortiGate-5001A boards must be ope rating in transpare nt mode and all must have the same configu[...]

  • Seite 44

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 44 01-30000-85717-200812 05 Example active-active redundant link configur ation FortiGate-5140 fabric ba ckplane communication edit vlan_fab2_105 set interface fabric2 set vlanid 105 set vdom root etc... next edit vlan_fab2_106 set interface fabric2 set vlanid 106 set vdom [...]

  • Seite 45

    FortiGate-5140 fabri c backplane communicatio n Exam ple active-active redundant link co nfiguration FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 45 edit 5 set priority 4096 set vlan-range 105-106 end Verifying the spanning tr ee configuration of the For tiSwitch-5003A board in slot 1 T o displ[...]

  • Seite 46

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 46 01-30000-85717-200812 05 Example active-active redundant link configur ation FortiGate-5140 fabric ba ckplane communication[...]

  • Seite 47

    FortiGate-5050 fabric backplane communication FortiSwitch-5003A an d 5003 Fabric and Base Backplane Communications Guide 01-30000-85717-200812 05 47 FortiGate-5050 fabric backplane communication The FortiGate-5505 chassis has two fabric backplane Ethernet ch annels that can operate at 1 Gbps or 10 Gbps. A vailable connections to these channe ls var[...]

  • Seite 48

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 48 01-30000-85717-200812 05 Fabric gigabit switching withi n a chassis F ortiGate-5050 fabric ba ckp lane communication This section describes: • Fabric gigabit switching within a chassis • Fabric channel connecti ons bet ween FortiSwitch-5003A boards • Fabric gigabit[...]

  • Seite 49

    FortiGate-5050 fabric backplane communication Fabric gigabit switching within a chassis FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 49 For the For tiGate-500 1A boards to use the fabric channel 2 for dat a communication you must show backplane interfaces on the FortiGate-5001A web-based manage[...]

  • Seite 50

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 50 01-30000-85717-200812 05 Fabric channel connecti ons between FortiSwitch-5003A boards FortiGate-5 050 fabric backplan e communication If the dat a traffic con tains VLAN-t agged pa ckets, you mu st add the VLAN tags to the FortiSwitch-5003A inte rfaces that will handle t[...]

  • Seite 51

    FortiGate-5050 fabric ba ckplane communicatio n Fabric gigabit switchi ng between chassis FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 51 Figure 18 shows dat a communication between two FortiGate-50 50 chassis using fabric channel 2. The top chas sis in the figure cont ains a FortiSwitch-500 3A[...]

  • Seite 52

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 52 01-30000-85717-200812 05 Fabric gigabit switching to the network Fort iGate-5050 fabric backplane commun ication If the dat a traffic con tains VLAN-t agged pa ckets, you mu st add the VLAN tags to the FortiSwitch-5003A inte rfaces that will handle the VLAN-tagged traf f[...]

  • Seite 53

    FortiGate-5050 fabric ba ckplane communicatio n Fabric gigabit switching to the network FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 53 Figure 19: Fabric channel 2 co nnected to an internal ne twork and fabric channel 1 connected to an external network If you have two FortiSwitch-5003A boards i[...]

  • Seite 54

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 54 01-30000-85717-200812 05 Fabric 10-gigabit switching within a chassi s For tiGate-5 050 fabric backplane communication Fabric 10-gigabit sw itching within a chassis All of the FortiSwitch-5003A fabric front pa nel interfaces ar e 10-gigabit interfaces and the FortiSwitch[...]

  • Seite 55

    FortiGate-5050 fabric ba ckplane communication Fabric 10-gigabit switching within a chassis FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 55 Figure 20: E xample 10-gigabit connection be tween internal and extern al networks The configuration shown in Figure 20 req uires no configuration ch anges[...]

  • Seite 56

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 56 01-30000-85717-200812 05 Fabric channel layer-2 link aggregation Forti Gate-5050 fabric ba ckplane communication Fabric channel layer-2 link aggregation FortiSwitch-5003A boards supp ort 802.3ad st atic mode layer-2 link aggre gation and 802.1q VLANs for the fabric chan [...]

  • Seite 57

    FortiGate-5050 fabri c backplane communicat ion Fabric channel layer-2 link aggrega tion FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 57 Because the FortiGate-5 000 boards in a link a ggregation configurat ion operate in transparent mode, an y routing, VPN or NA T requirem ents should be handed[...]

  • Seite 58

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 58 01-30000-85717-200812 05 Fabric channel layer-2 link aggregation Forti Gate-5050 fabric ba ckplane communication The For tiSwitch-5003A configurat ion consists of ad ding a trun k named trunk_345 that aggregates backpl ane slot s 3, 4, and 5: config switch fabric-channel[...]

  • Seite 59

    FortiGate-5050 fabri c backplane communicatio n Fabr ic channel layer-2 link aggregati on and redundancy FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 59 Y ou must also enable the FortiSwitch -5003A board to liste n for heartbeat p ackets on all of the interfaces connected to FortiGate-5001A boa[...]

  • Seite 60

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 60 01-30000-85717-200812 05 Example active-passive redundant link configuratio n FortiGate-5050 fabric ba ckplane communication • For an active-active configuration, yo u create two or more sp anning tree instances on all three devices and give some instances a highe r pr[...]

  • Seite 61

    FortiGate-5050 fabric backplane communication Exam ple active-passive redundant link configu ration FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 61 Figure 22: Redundant link aggre gation confi guration External switch configuration The external switch requires the follo wing co nfiguration sett[...]

  • Seite 62

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 62 01-30000-85717-200812 05 Example active-passive redundant link configuratio n FortiGate-5050 fabric ba ckplane communication 4 Add spanning tre e instance 5 for p ackets fro m the external networks. Add VLAN tags 101 to this sp anning tree instance . Set the priority of [...]

  • Seite 63

    FortiGate-5050 fabric backplane communication Exam ple active-passive redundant link configu ration FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 63 6 Enable the FortiSwitch-5003 A board to listen for heartbeat p ackets on the interfaces connecte d to FortiGate-5001A boards: config switch fabric[...]

  • Seite 64

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 64 01-30000-85717-200812 05 Example active-passive redundant link configuratio n FortiGate-5050 fabric ba ckplane communication Example configuration for the FortiS witch-50 03A board in slot 2 The FortiSwitch-5003A b oard in slot 2 re quir es the same configuration setting[...]

  • Seite 65

    FortiGate-5050 fabric backplane communication Exam ple active-passive redundant link configu ration FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 65 Example FortiGate- 5001A configuration All of the FortiGate-5001A boards must be ope rating in transpare nt mode and all must have the same configu[...]

  • Seite 66

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 66 01-30000-85717-200812 05 Example active-active redundant link configur ation FortiGate-5050 fabric ba ckplane communication Example active-active redundant link configuration Y ou can make th e previous e xample an ac tive-active redundant link configur ation that sends [...]

  • Seite 67

    FortiGate-5140 and 505 0 base backplane communication FortiSwitch-5003A an d 5003 Fabric and Base Backplane Communications Guide 01-30000-85717-200812 05 67 FortiGate-5140 and 5050 base backplane communication The FortiGate-5140 chassis and the FortiGate-5050 chassis have two base backplane Ethernet ch annels. Available con nections to these channe[...]

  • Seite 68

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 68 01-30000-85717-200812 05 Base channel connections between Fo rtiSwitch-5003A bo ards FortiGate-5140 and 505 0 bas e backplan e communication This section cont ains example base chan nel HA and network configura tions for each hardware combination. It also di scusses how [...]

  • Seite 69

    FortiGate-5140 and 505 0 base backplane commun ication Base backplane HA configurations FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 69 It makes no difference which Fort iSwitch- 5003A base front pane l interfaces you use to link the base channels. Y ou can con nect an Ethernet cable, either st[...]

  • Seite 70

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 70 01-30000-85717-200812 05 Base backplane HA configurations FortiGat e-5140 and 5050 base ba ckplane communication • Separate multiple sensitive or high volume communications, such as HA communications for multiple clusters. For example, if you have two busy FortiGate-50[...]

  • Seite 71

    FortiGate-5140 and 505 0 base backplane commun ication Base backplane HA configurations FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 71 Figure 26: F ortiGate-5140 inter-chassis HA cluster us ing both base backplan e heartbeat interfaces (through FortiSwitch-5003A boards in hu b/switch slots 1 a[...]

  • Seite 72

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 72 01-30000-85717-200812 05 Base backplane HA configurations FortiGat e-5140 and 5050 base ba ckplane communication Figure 27: FortiGate-5005FA2 heartbeat failo ver from hub/switch slot 1 (base1) to hub/switch slot 2 (base2) Figure 28: FortiGate-5001SX/FortiGate -5001F A 2 [...]

  • Seite 73

    FortiGate-5140 and 505 0 base backplane commun ication Base backplane HA configurations FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 73 T o configure HA interface failover to use two FortiSwitch boar ds 1 Insert the FortiSwitch boards into chassis hub/switch sl ot 1 and hub/switch slot 2. If yo[...]

  • Seite 74

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 74 01-30000-85717-200812 05 Base backplane HA configurations FortiGat e-5140 and 5050 base ba ckplane communication Figure 29: FortiGate-5050 HA cluster with on e available b ase backplane heartbeat interface (through a FortiSwitc h-5003A board in slot 2) Figure 30: FortiGa[...]

  • Seite 75

    FortiGate-5140 and 505 0 base backplane commun ication Base backplane HA configurations FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 75 T o configure your HA cluster to use the base backplane interface connected through a single FortiSwitch, the base back plane interface must be enab led as a h[...]

  • Seite 76

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 76 01-30000-85717-200812 05 Base backplane HA configurations FortiGat e-5140 and 5050 base ba ckplane communication Figure 32: FortiGate-5001SX/FortiGate-5 001F A2 HA through slot 2 (p ort10) with failover to a non-base back plane interface (port8) T o configure HA communic[...]

  • Seite 77

    FortiGate-5140 and 505 0 base backplane commun ication Base backplane HA configurations FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 77 • If interface priorities are not all equal, set the base backplane interface priority to a higher value than all other interf aces. • If interface priorit[...]

  • Seite 78

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 78 01-30000-85717-200812 05 Base backplane HA configurations FortiGat e-5140 and 5050 base ba ckplane communication This list is sorted into hash map order , rather than purely by alphabetical order or purely by interface n umber value comp ar isons. As a result, the list i[...]

  • Seite 79

    FortiGate-5140 and 505 0 base backplane commun ication Base backplane data configurations FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 79 Base backplane dat a configurations In addition to HA traffic, FortiSwitch boar ds can pass other traf fic types through or to the base backplane. Like HA sc[...]

  • Seite 80

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 80 01-30000-85717-200812 05 Base backplane data configurations FortiGat e-5140 and 505 0 base backplane communication Connecting FortiGate bo ards to the network By installing one or two FortiSwitch boards per chassis, you can connect FortiGate boards to the network or Inte[...]

  • Seite 81

    FortiGate-5020 base backplane communi cation HA configurations FortiSwitch-5003A an d 5003 Fabric and Base Backplane Communications Guide 01-30000-85717-200812 05 81 FortiGate-5020 base backplane communication The FortiGate-5020 chassis has two base backplane Ethernet channels. FortiGate mo dules inst alled in each slot can directly connect to the [...]

  • Seite 82

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 82 01-30000-85717-200812 05 HA configurations FortiGate-502 0 base backplan e communication Heartbeat failover between channels T o configure your HA cluster with a heart beat that fails over between the two base backplane inte rfaces, both bas e backplane interf aces must [...]

  • Seite 83

    FortiGate-5020 base backplane communi cation HA configurations FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 83 Figure 34: FortiGate-5005F A2 hear tbeat fa ilover between base backplane channels Figure 35: FortiGate-5001SX/F ortiGate-5001F A2 hea rtbeat failover be tween base backplane channels [...]

  • Seite 84

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 84 01-30000-85717-200812 05 Inter-chassis HA configurations FortiG ate-5020 base backp lane communication 3 On each FortiGate module to be included in the HA cluster , go to System > Config > HA . 4 Select the Mode, then enter the Group Na me, and Password. Y ou may a[...]

  • Seite 85

    FortiGate-5020 base backplane communication Inter-chassis HA configurations FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 85 Figure 36: FortiGate-5020 in ter-chassis n etwork and h eartbeat connection s Figure 37: FortiGate-5001SX/F ortiGate-5001F A2 in ter-chassis hear tbeat interf ace configur[...]

  • Seite 86

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 86 01-30000-85717-200812 05 Network configurations FortiGate- 5020 base backplan e communication Network configurations In addition to HA traff ic, the Fort iGate-5020chassis base backpla ne can pass other traf fic types, including VLAN tagge d network traf fic. FortiGate m[...]

  • Seite 87

    FortiGate-5020 base backplane communi cation Network configurations FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 87 Figure 39: Network co nnection betwee n two modules in the same c hassis PSU A PSU B PWR STA IPM CONSOLE USB 1 2 3 4 5 6 7 8 ACC PWR STA IPM CONSOLE USB 1 2 3 4 5 6 7 8 ACC base b[...]

  • Seite 88

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 88 01-30000-85717-200812 05 Network configurations FortiGate- 5020 base backplan e communication[...]

  • Seite 89

    FortiSwitch-5003A CLI reference Connecting to the CLI FortiSwitch-5003A an d 5003 Fabric and Base Backplane Communications Guide 01-30000-85717-200812 05 89 FortiSwitch-5003A CLI reference This chapter descr ibes the Fort iSwitch-5003A CLI config, execut e, and get co mmands and some diagnose commands. This ch apter also describe s how to connect t[...]

  • Seite 90

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 90 01-30000-85717-200812 05 Connecting to the CLI FortiSwitch-5003A CL I reference 6 Select the following port settings and select OK. 7 Press Enter to connect to the FortiSwitch-5003A CLI. A prompt similar to the following appears. FS5A033E08000111 login: The prompt inclu [...]

  • Seite 91

    FortiSwitch-5003A CLI reference Connecting to the CLI FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 91 Connecting to the FortiSw itch-5003A CLI using SSH Secure Shell (SSH) provides strong se cure authentication and secure communications to th e FortiSwitch-5003A CLI from your inter nal network [...]

  • Seite 92

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 92 01-30000-85717-200812 05 config FortiSwitch-5003A CL I reference config The following conf ig commands ar e available: • admin user • route sta tic • switch fabric-channel in terface • switch fabric-channel physical- port • switch fabric-channel stp inst ance ?[...]

  • Seite 93

    FortiSwitch-5003A CLI reference config FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 93 route static Use this command to add, edit, or delete static routes for the mgmt inter face. Syntax config route static edit <sequence_number> set device <interface_name> set dst <destination-a[...]

  • Seite 94

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 94 01-30000-85717-200812 05 config FortiSwitch-5003A CL I reference switch fabric-channel interface Use this command to configure the VLANs allo wed on FortiSwitch-5003A fabr ic channel interfaces. Y ou can also change the native VLAN for each interface and disable or enab [...]

  • Seite 95

    FortiSwitch-5003A CLI reference config FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 95 Example This example shows how to allow VLAN t ags 201 to 210 on slots 6, 8, and 10 and the F1 front panel interface. config switch fabric-channel interface edit "slot-6" set allowed-vlans 1,201-210[...]

  • Seite 96

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 96 01-30000-85717-200812 05 config FortiSwitch-5003A CL I reference switch fabric-channel physical-port Use this command to change the administr ative status of FortiSwitch- 5003A fabric channel interfaces (bring each interface up or do wn) and configure ea ch fabric channe[...]

  • Seite 97

    FortiSwitch-5003A CLI reference config FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 97 Examples This example shows how to enable the FortiSwitch-5003A board to listen for h eartbeat p ackets on the interfaces for chassis slots 6, 8, and 10: config switch fabric-channel physical-port edit "[...]

  • Seite 98

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 98 01-30000-85717-200812 05 config FortiSwitch-5003A CL I reference switch fabric-channel stp instance Use this command to add and configure 80 2.1s Mult i-S panning T ree Protocol (MSTP) sp anning tree instances. A sp anning tree instance consists of the followin g: • An[...]

  • Seite 99

    FortiSwitch-5003A CLI reference config FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 99 config stp-port Use this command to change th e spannin g tree cost and priority fo r each FortiSwitch-5003A in terface in a spanning tree inst ance. When you add a new spanning tree instance th e cost of eac[...]

  • Seite 100

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 100 01-30000-85717-200812 05 config FortiSwitch-5003A CL I reference switch fabric-channel stp settings Use this command to change MSTP spa nning tree ti mers, specify an MSTP reg ion name and use a revision number to track cha nges to the MSTP configur ation. All of these [...]

  • Seite 101

    FortiSwitch-5003A CLI reference config FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 101 switch fabric-channel trunk Use this command to create a trunk and add Fort iSwi tch-5003A interfaces to the trunk. Y ou use trunks to group FortiSwitch-5003A inter faces so that you can use 802.3ad st atic [...]

  • Seite 102

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 102 01-30000-85717-200812 05 config FortiSwitch-5003A CL I reference Related topics • config switch fabric-channel interface • config switch fabric-channel physical-port • config switch fabric-channel stp inst ance • config switch fabric-channel stp settings[...]

  • Seite 103

    FortiSwitch-5003A CLI reference config FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 103 system global Use this command to enable da ylight saving ti me and co nfigure the hostname and time zone for a FortiSwitch-5003A board. Syntax config system global set daylightsavetime {disable | enable} se[...]

  • Seite 104

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 104 01-30000-85717-200812 05 config FortiSwitch-5003A CL I reference system interface Use this command to change the IP address and management access setting of the FortiSwitch-5003A mgmt (managem ent) interface a nd to bring the mgmt interface up or down. Syntax config sys[...]

  • Seite 105

    FortiSwitch-5003A CLI reference execute FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 105 execute The following execute commands are availa ble: • backup • bootimage • date • factory- reset • ping • reboot • restore • shutdown • time • top • traceroute backup Back up the Fo[...]

  • Seite 106

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 106 01-30000-85717-200812 05 execute FortiSwitch-5003A CL I reference bootimage Use this command to change the firmware image used to start the FortiSwitch- 5003A board by switching between the primary or se condary firmware image. T o use this command you must install a pr[...]

  • Seite 107

    FortiSwitch-5003A CLI reference execute FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 107 date Display or set the system date. Syntax execute date [<date_str>] date_str has th e form mm/dd/yyyy , where • mm is the mont h and can be 1 to 12 • dd is the day o f the mo nth and ca n be 1 t[...]

  • Seite 108

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 108 01-30000-85717-200812 05 execute FortiSwitch-5003A CL I reference factory-reset Reset the FortiSwitch-5 003A configuration to factory default settings. Syntax execute factory-reset ! Caution: This command deletes all chan ges that you have made to the FortiSwitch-5 003A[...]

  • Seite 109

    FortiSwitch-5003A CLI reference execute FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 109 ping Send an ICMP echo request (ping) to test the network connection be tween the FortiSwitch-5003A mgmt interface and an other network device. Y ou must add a DNS server to the FortiSwitch-5 003A configura[...]

  • Seite 110

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 11 0 01-30000-85717-20081205 execute FortiSwitch-5003A CL I reference reboot Rest art the FortiSwitch-5003A boa rd. While the FortiS witch-50 03A board is reboo ting it cannot fo rward traf fic. Syntax execute reboot[...]

  • Seite 111

    FortiSwitch-5003A CLI reference execute FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 111 restore Use this command to restore th e FortiSwitch-5003A configu ration from a file on a TFTP server or change the FortiSwitch-5003A firmware. Syntax execute restore config <filename> <tftp_ipv4&[...]

  • Seite 112

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 11 2 01-30000-85717-20081205 execute FortiSwitch-5003A CL I reference shutdown Shut down the FortiSwitch-5003A board no w . Y ou will be prompted to confirm the shutdown. Syntax execute shutdown[...]

  • Seite 113

    FortiSwitch-5003A CLI reference execute FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 11 3 time Get or set the system time. Syntax execute time [<time_str>] time_str has the form hh:mm:ss , where • hh is the hour and can be 00 to 23 • mm is the minutes and can be 00 to 59 • ss is the[...]

  • Seite 114

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 11 4 01-30000-85717-20081205 execute FortiSwitch-5003A CL I reference top Display a list of processes running on the FortiSwitch-500 3A board. The command also displays information ab out each proce ss. Mem: 100168K used, 406696K free, 0K shrd , 344K buff, 75092K cached CPU[...]

  • Seite 115

    FortiSwitch-5003A CLI reference execute FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 11 5 traceroute T est the connection between the For tiSwitch-5003A board and an address or hostname and display information ab out the network hop s between the addr ess and the FortiSwitch-5003A boar d. Y ou [...]

  • Seite 116

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 11 6 01-30000-85717-20081205 get FortiSwitch-5003A CL I reference get The following get commands are av ailable: • system performance • system status system performance Use this command to display FortiSwitch-5003A CP U usage, memory usage, and USB disk usage. Syntax ge[...]

  • Seite 117

    FortiSwitch-5003A CLI reference get FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 11 7 system status Use this command to display FortiSwitch-5 003A system status informatio n including: • firmware version, build number and branch point • serial number • host name • system time and date a[...]

  • Seite 118

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 11 8 01-30000-85717-20081205 diagnose FortiSwitch-5003 A CLI reference diagnose This section describes some of the ava ilable FortiSwitch-5003A diagnose commands. Y ou can use diagnose commands for debugging the operation of the FortiSwitch- 5003A board and to set par amete[...]

  • Seite 119

    FortiSwitch-5003A CLI reference diagnose FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 11 9 spanning-tree instance fabric-channel Display the configuration of a spannin g tree instanc e for an interface. For example, to disp lay the configuration of spa nning tree instan ce 5 for the FortiSwitch[...]

  • Seite 120

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 120 01-30000-85717-200812 05 diagnose FortiSwitch-5003 A CLI reference spanning-tree mst-config fabric-channel Display the FortiSwitch-5003 A fabric channel MSTP config uration. Syntax diagnose spanning-tree mst-config fabric-channel Example output MST Configuration Identif[...]

  • Seite 121

    FortiSwitch-5003A CLI reference diagnose FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 121 switch fabric-channel mac-address filter Filter the FortiSwitch-5003A MAC addresses. Syntax diagnose switch fabric-channel mac-address filter <filter> Where <filter> can be: • clear clear fil[...]

  • Seite 122

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 122 01-30000-85717-200812 05 diagnose FortiSwitch-5003 A CLI reference switch fabric-channel mac-address list V erify the FortiSwitch-5003A MAC addr ess table. Syntax diagnose switch fabric-channel mac-address list Example output MAC: 00:09:0f:09:37:02 VLAN: 904 Trunk: slot[...]

  • Seite 123

    Index FortiSwitch-5003A an d 5003 Fabric and Base Backplane Communications Guide 01-30000-85717-200812 05 123 Index Numerics 802.1q VLANs 33, 36, 56, 59 802.1s Multi-Spanning Tree Protocol 36, 59, 98 802.3ad dynamic mode layer-2 li nk aggregation 8, 33, 56 802.3ad static mode layer-2 link aggregation 8, 33, 36, 56, 59, 101 A active-active redundant[...]

  • Seite 124

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 124 01-30000-85717-200812 05 Index fabric channel 1 24 channel 1 and 2 26, 49 channel 2 48 connection between F ortiSwit ch-5003A boards 27, 50 gigabit switching be tween chassis 27, 50 gigabit switching to the network 29, 52 gigabit switching within a chassis 24, 48 fabric[...]

  • Seite 125

    Index FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 125 hops maximum 100 MSTP max-hops 100 hostname FortiSwitch-5003A 10 3 hub/switch slots 24, 48 hub/switch slot 1 23, 47, 67, 72, 73, 76, 77, 79 hub/switch slot 2 23, 47, 67, 68, 72, 73, 76, 77, 79 hub/switch slot number 23, 47 , 67 hub/switch s[...]

  • Seite 126

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 126 01-30000-85717-200812 05 Index restore CLI command 111 revision 100 MSTP revision number 100 robustness 77 route static CLI command 93 S show backplane interface s 25, 28, 30, 49, 51, 53 shutdown CLI command 112 single point of failure 74, 77 slot hub/switch 24, 48 slot[...]

  • Seite 127

    For more information Fortinet documentation FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 127 For more information Support for you r Fortinet prod uct is available as onlin e help from within the web-based manager, fro m the T ools and Document ation CD included with the product, on the Fortinet[...]

  • Seite 128

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 01-30000-85717-200812 05 www.fortinet.com © Copyright 2008 Fortinet, Inc. All rights rese rved. No part of this publicatio n including text, examples, diagrams or illustrations may be reproduced, transmitted, or tran slated in any form or by any means, electronic, mechanic[...]