Fortinet 5003 manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128

Ir a la página of

Buen manual de instrucciones

Las leyes obligan al vendedor a entregarle al comprador, junto con el producto, el manual de instrucciones Fortinet 5003. La falta del manual o facilitar información incorrecta al consumidor constituyen una base de reclamación por no estar de acuerdo el producto con el contrato. Según la ley, está permitido adjuntar un manual de otra forma que no sea en papel, lo cual últimamente es bastante común y los fabricantes nos facilitan un manual gráfico, su versión electrónica Fortinet 5003 o vídeos de instrucciones para usuarios. La condición es que tenga una forma legible y entendible.

¿Qué es un manual de instrucciones?

El nombre proviene de la palabra latina “instructio”, es decir, ordenar. Por lo tanto, en un manual Fortinet 5003 se puede encontrar la descripción de las etapas de actuación. El propósito de un manual es enseñar, facilitar el encendido o el uso de un dispositivo o la realización de acciones concretas. Un manual de instrucciones también es una fuente de información acerca de un objeto o un servicio, es una pista.

Desafortunadamente pocos usuarios destinan su tiempo a leer manuales Fortinet 5003, sin embargo, un buen manual nos permite, no solo conocer una cantidad de funcionalidades adicionales del dispositivo comprado, sino también evitar la mayoría de fallos.

Entonces, ¿qué debe contener el manual de instrucciones perfecto?

Sobre todo, un manual de instrucciones Fortinet 5003 debe contener:
- información acerca de las especificaciones técnicas del dispositivo Fortinet 5003
- nombre de fabricante y año de fabricación del dispositivo Fortinet 5003
- condiciones de uso, configuración y mantenimiento del dispositivo Fortinet 5003
- marcas de seguridad y certificados que confirmen su concordancia con determinadas normativas

¿Por qué no leemos los manuales de instrucciones?

Normalmente es por la falta de tiempo y seguridad acerca de las funcionalidades determinadas de los dispositivos comprados. Desafortunadamente la conexión y el encendido de Fortinet 5003 no es suficiente. El manual de instrucciones siempre contiene una serie de indicaciones acerca de determinadas funcionalidades, normas de seguridad, consejos de mantenimiento (incluso qué productos usar), fallos eventuales de Fortinet 5003 y maneras de solucionar los problemas que puedan ocurrir durante su uso. Al final, en un manual se pueden encontrar los detalles de servicio técnico Fortinet en caso de que las soluciones propuestas no hayan funcionado. Actualmente gozan de éxito manuales de instrucciones en forma de animaciones interesantes o vídeo manuales que llegan al usuario mucho mejor que en forma de un folleto. Este tipo de manual ayuda a que el usuario vea el vídeo entero sin saltarse las especificaciones y las descripciones técnicas complicadas de Fortinet 5003, como se suele hacer teniendo una versión en papel.

¿Por qué vale la pena leer los manuales de instrucciones?

Sobre todo es en ellos donde encontraremos las respuestas acerca de la construcción, las posibilidades del dispositivo Fortinet 5003, el uso de determinados accesorios y una serie de informaciones que permiten aprovechar completamente sus funciones y comodidades.

Tras una compra exitosa de un equipo o un dispositivo, vale la pena dedicar un momento para familiarizarse con cada parte del manual Fortinet 5003. Actualmente se preparan y traducen con dedicación, para que no solo sean comprensibles para los usuarios, sino que también cumplan su función básica de información y ayuda.

Índice de manuales de instrucciones

  • Página 1

    FortiSwitch-5003A and 5003 Fab ric and Base Backplane Communications Guide 01-30000-857 17-20081205 MANAGEMENT SYSTEM E1 ZRE LED MODE 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0 E0 OK CLK INT EXT FL T HOT SWAP RESET FL T CONSOLE E T H O R S 2 3 2 Z R E 0 Z R E 1 Z R E 2 FortiSwitch-5003A and 5003 Fabric and Base Backplane Communications Guide This FortiS[...]

  • Página 2

    FortiSwitch-5003A an d 5003 Fabric and Base Backplane Communi cations Guide 01-30000-85717-20 081205 W arnings and cautions Only trained and qual ified personnel shou ld be allo wed to install or maintain FortiGate-5000 series equipment. Read and comply with all warning s, cautions and notices in this document. • T urning off all po wer switches [...]

  • Página 3

    Contents FortiSwitch-5003A an d 5003 Fabric and Base Backplane Communications Guide 01-30000-85717-200812 05 3 Contents Warnings and cautions .............. ................ ............. ................ ............. ............. 2 Introduction ....................... .............................. ................... 7 About this document .....[...]

  • Página 4

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 4 01-30000-85717-200812 05 Contents FortiGate-5050 fabric backpla ne communication ........ 47 Fabric gigabit switching within a chassi s ....................... ................ .............. 48 Fabric channel connecti ons between FortiSwitch-5003A boards .............. 5[...]

  • Página 5

    Contents FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 5 config ........... ............. ................ ............. ............. ................ ............. ............. .... 92 admin user ................... ............. ............. ................ ............. ............. ....[...]

  • Página 6

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 6 01-30000-85717-200812 05 Contents[...]

  • Página 7

    Introduction About this document FortiSwitch-5003A an d 5003 Fabric and Base Backplane Communications Guide 01-30000-85717-200812 05 7 Introduction This FortiSwitch-5003A an d 5003 Fabric and Base Backplane Communication s Guide contains informatio n, instructions an d example configurations for the ba se and fabric backplane channels and inter fac[...]

  • Página 8

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 8 01-30000-85717-200812 05 Revision history Introduction • FortiGate-5140 and 50 50 base backpla ne communication descr ibes supported configurations and features for Fo rtiGate-5 140 and 5050 chassis base backplane communications. • FortiGate-5020 base backplane commun[...]

  • Página 9

    FortiSwitch-5003A system FortiSwitch-5003A an d 5003 Fabric and Base Backplane Communications Guide 01-30000-85717-200812 05 9 FortiSwitch-5003A system The FortiSwitch-5003A boa rd provides 10/1-gigabit fabr ic backplane channel layer-2 switch ing and 1- gigabit base b a ckplane channel layer- 2 switching in a dual star architecture fo r the FortiG[...]

  • Página 10

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 10 01-30000-85717-200812 05 Front panel LEDs and connectors FortiSwitch-5003A system Figure 1: FortiSwitch-5 003A front p anel • One front p anel base backplane 10- gig abit optical or copper SFP+ interface (BASE 10G) that connects to the base backplane channel • Eight [...]

  • Página 11

    FortiSwitch-5003A system Front panel LEDs and connectors FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 11 LEDs Ta b l e 2 lists and describ es the FortiSwitch-5003A fron t panel LEDs. T able 2: Fo rtiSwitch-5003A front panel LEDs and switches LED St ate Descripti on OOS (Out of Service) Off Norm[...]

  • Página 12

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 12 01-30000-85717-200812 05 Front panel LEDs and connectors FortiSwitch-5003A system Base channel interfaces Ta b l e 3 lists and describes the FortiSwit ch-5003A base backplane chan nel interfaces. The base backplane i nterfaces are not configurable or visible from th e Fo[...]

  • Página 13

    FortiSwitch-5003A system Front panel LEDs and connectors FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 13 Fabric channel interfaces Ta b l e 4 lists and describ es the FortiSwitch-5003A fabr ic channel interfaces. Y ou can configure fabric interface settings, group fabric interfaces into trunks,[...]

  • Página 14

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 14 01-30000-85717-200812 05 FortiSwitch-5003 A configurations FortiSwitch-5003A system Front panel connectors Ta b l e 6 lists and describes the For tiSwitch-5003A front panel connectors . FortiSwitch-5003A configurations Y ou can operate the FortiSwitch-5003A b oard as a f[...]

  • Página 15

    FortiSwitch-5003A system FortiSwitch-5003A configurations FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 15 Figure 4: FortiSwitch-5003A base channel 1 HA heartbeat co mmunication Fabric 10-gigabit sw itching within a chassis One FortiGate-R TM-XB2 provides 10-gigabit con nections to both FortiGat[...]

  • Página 16

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 16 01-30000-85717-200812 05 FortiSwitch-5003 A configurations FortiSwitch-5003A system Layer-2 link aggregation a nd redundancy configurations The FortiSwitch-5003A board suppor ts 802.3ad st atic mode layer-2 link aggregation, 802.1q VLANs, and 802.1s Multi-S panning T ree[...]

  • Página 17

    FortiSwitch-5003 system Front panel LEDs and connectors FortiSwitch-5003A an d 5003 Fabric and Base Backplane Communications Guide 01-30000-85717-200812 05 17 FortiSwitch-5003 system The FortiSwitch-5003 bo ard provides base backplan e interface switching for the FortiGate-5140 ch assis and the FortiG ate-5050 cha ssis. Y ou can use this switching [...]

  • Página 18

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 18 01-30000-85717-200812 05 Front panel LEDs and connectors FortiSwitch-5003 system Figure 7: FortiSwitch-5003 front panel LEDs Ta b l e 7 lists and describes the For tiSwitch-5003 bo ard front panel LEDs. MANAGEMENT SYSTEM E1 ZRE LED MODE 15 14 13 12 11 10 9 8 7 6 5 4 3 2 [...]

  • Página 19

    FortiSwitch-5003 system Front panel LEDs and connectors FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 19 About the ZRE n etwork activity LED s The ZRE network activity LEDs show links and network activity for the interfaces and connections listed in Ta b l e 8 . Figure 8: FortiSwitch-5003 ZRE ne[...]

  • Página 20

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 20 01-30000-85717-200812 05 Base backplane communications FortiSwitch-5003 system Connectors Ta b l e 9 lists and describes the For tiSwitch-5003 fr ont panel connectors . Base backplane communications This section provides a brief introducti on to using FortiSwitch -5003 b[...]

  • Página 21

    FortiSwitch-5003 system Base backplane communicati ons FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 21 In a single chassis, more than one cluster can use the same base backplane interface for HA heartbeat communication. T o separate heartbeat communication for multiple clusters on the same base[...]

  • Página 22

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 22 01-30000-85717-200812 05 Base backplane communications FortiSwitch-5003 system[...]

  • Página 23

    FortiGate-5140 fabric backplane communication FortiSwitch-5003A an d 5003 Fabric and Base Backplane Communications Guide 01-30000-85717-200812 05 23 FortiGate-5140 fabric backplane communication The FortiGate-5140 chassis has two fabric backplane Ethernet ch annels that can operate at 1 Gbps or 10 Gbps. A vailable connections to these channe ls var[...]

  • Página 24

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 24 01-30000-85717-200812 05 Fabric gigabit switching withi n a chassis F ortiGate-5140 fabric ba ckp lane communication This section describes: • Fabric gigabit switching within a chassis • Fabric channel connecti ons bet ween FortiSwitch-5003A boards • Fabric gigabit[...]

  • Página 25

    FortiGate-5140 fabric backplane communication Fabric gigabit switching within a chassis FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 25 The chassis can be connecte d to the network usin g any of the FortiGate-50 01A front panel interfaces. Y ou can also conn ect FortiSwitch-5003A front p anel f[...]

  • Página 26

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 26 01-30000-85717-200812 05 Fabric gigabit switching withi n a chassis F ortiGate-5140 fabric ba ckp lane communication Figure 10: FortiGate-5140 fabric cha nnel 1 and 2 data communication For the FortiGate boards to use the fabric channels 1 and 2 for dat a communication y[...]

  • Página 27

    FortiGate-5140 fabric backplane communication Fabric channel connections be tween FortiSwitch-5003 A boards FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 27 Fabric channel connections be tween FortiSwitch-5003A boards When two FortiSwitch-5003A boards are inst alled in a single ch assis their fa[...]

  • Página 28

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 28 01-30000-85717-200812 05 Fabric gigabit switching between chassis For tiGate-5140 fabric backp lane communication The chas sis can be co nnected to the netw ork using an y of the FortiGate f ront panel inte rfaces. Y ou can also connect FortiSwitch- 5003A front p anel fa[...]

  • Página 29

    FortiGate-5140 fabric ba ckplane communicatio n Fabric gigabit switching to the network FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 29 If the data traffic co ntains VLAN- tagged p ackets, you must add the VLAN tags to the FortiSwitch-5003A interf aces that will handle the VLAN-tagged traffic. [...]

  • Página 30

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 30 01-30000-85717-200812 05 Fabric gigabit switching to the network Fort iGate-5140 fabric backplane commun ication Figure 12: Fabric chan nel 2 conne cted to an interna l network and fabric channe l 1 connected to an external network For the FortiGate-5001A boards to use t[...]

  • Página 31

    FortiGate-5140 fabric ba ckplane communication Fabric 10-gigabit switching within a chassis FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 31 Fabric 10-gigabit switching within a chassis All of the FortiSwitch-5003A fabric fro nt pa nel interfaces ar e 10-gigabit inte rfaces and the FortiSwitch-5[...]

  • Página 32

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 32 01-30000-85717-200812 05 Fabric 10-gigabit switching within a chassi s For tiGate-5 140 fabric backplane communication Figure 13: Example 10-gigabit connectio n between internal and external ne tworks If the dat a traffic con tains VLAN-t agged pa ckets, you mu st add th[...]

  • Página 33

    FortiGate-5140 fabri c backplane communicat ion Fabric channel layer-2 link aggrega tion FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 33 Fabric channel layer-2 link aggregation FortiSwitch-5003A boards suppo rt 802.3ad static mode layer -2 link aggregati on and 802.1q VLANs for the fabric chan [...]

  • Página 34

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 34 01-30000-85717-200812 05 Fabric channel layer-2 link aggregation Forti Gate-5140 fabric ba ckplane communication Because the FortiGate-5000 b oards in a lin k aggrega tion configuration oper ate in transp arent mode, any ro uting, VPN or NA T requirement s should be hand[...]

  • Página 35

    FortiGate-5140 fabri c backplane communicat ion Fabric channel layer-2 link aggrega tion FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 35 The FortiSwitch-5003A co nfiguration consist s of adding a trunk named trunk_6 that aggregates backp lane slots 6 , 8, 9, 10, 1 1, and 13: config switch fabri[...]

  • Página 36

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 36 01-30000-85717-200812 05 Fabric channel layer-2 link aggregation and redunda nc y FortiGate-5140 fabric ba ckplane communication Y ou must also enable the FortiSwitch-5003A board to listen for hear tbeat packet s on all of the interfaces connected to For tiGate-5001A boa[...]

  • Página 37

    FortiGate-5140 fabric backplane communication Exam ple active-passive redundant link configu ration FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 37 The configuration of the sp anning tree instances dete rmines whether you create an active-passive or ac tive-active configuration: • For an acti[...]

  • Página 38

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 38 01-30000-85717-200812 05 Example active-passive redundant link configuratio n FortiGate-5140 fabric ba ckplane communication All of the FortiGate-5001A boards must be oper ating in transparent mode and all must have the same configur ation. In this redundant configuratio[...]

  • Página 39

    FortiGate-5140 fabric backplane communication Exam ple active-passive redundant link configu ration FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 39 2 Configure the switch to add VLAN tag 103 and 104 to p ackets from the internal networks and VLAN tag 105 and 106 to p ackets from the external ne[...]

  • Página 40

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 40 01-30000-85717-200812 05 Example active-passive redundant link configuratio n FortiGate-5140 fabric ba ckplane communication 3 Add two spanning tree instances num bered the same as the instan ces added to the switch (3 and 5). Add the VLAN t ags to the instance s and set[...]

  • Página 41

    FortiGate-5140 fabric backplane communication Exam ple active-passive redundant link configu ration FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 41 Verifying the MSTP configurat ion of the FortiSwitch-5003A board in slot 1 Enter diagnose spanning-tree mst-con fig fabric-channel to display the F[...]

  • Página 42

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 42 01-30000-85717-200812 05 Example active-passive redundant link configuratio n FortiGate-5140 fabric ba ckplane communication Example configuration for the FortiS witch-50 03A board in slot 2 The FortiSwitch-5003A b oard in slot 2 re quir es the same configuration setting[...]

  • Página 43

    FortiGate-5140 fabric backplane communication Exam ple active-passive redundant link configu ration FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 43 Example FortiGate- 5001A configuration All of the FortiGate-5001A boards must be ope rating in transpare nt mode and all must have the same configu[...]

  • Página 44

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 44 01-30000-85717-200812 05 Example active-active redundant link configur ation FortiGate-5140 fabric ba ckplane communication edit vlan_fab2_105 set interface fabric2 set vlanid 105 set vdom root etc... next edit vlan_fab2_106 set interface fabric2 set vlanid 106 set vdom [...]

  • Página 45

    FortiGate-5140 fabri c backplane communicatio n Exam ple active-active redundant link co nfiguration FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 45 edit 5 set priority 4096 set vlan-range 105-106 end Verifying the spanning tr ee configuration of the For tiSwitch-5003A board in slot 1 T o displ[...]

  • Página 46

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 46 01-30000-85717-200812 05 Example active-active redundant link configur ation FortiGate-5140 fabric ba ckplane communication[...]

  • Página 47

    FortiGate-5050 fabric backplane communication FortiSwitch-5003A an d 5003 Fabric and Base Backplane Communications Guide 01-30000-85717-200812 05 47 FortiGate-5050 fabric backplane communication The FortiGate-5505 chassis has two fabric backplane Ethernet ch annels that can operate at 1 Gbps or 10 Gbps. A vailable connections to these channe ls var[...]

  • Página 48

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 48 01-30000-85717-200812 05 Fabric gigabit switching withi n a chassis F ortiGate-5050 fabric ba ckp lane communication This section describes: • Fabric gigabit switching within a chassis • Fabric channel connecti ons bet ween FortiSwitch-5003A boards • Fabric gigabit[...]

  • Página 49

    FortiGate-5050 fabric backplane communication Fabric gigabit switching within a chassis FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 49 For the For tiGate-500 1A boards to use the fabric channel 2 for dat a communication you must show backplane interfaces on the FortiGate-5001A web-based manage[...]

  • Página 50

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 50 01-30000-85717-200812 05 Fabric channel connecti ons between FortiSwitch-5003A boards FortiGate-5 050 fabric backplan e communication If the dat a traffic con tains VLAN-t agged pa ckets, you mu st add the VLAN tags to the FortiSwitch-5003A inte rfaces that will handle t[...]

  • Página 51

    FortiGate-5050 fabric ba ckplane communicatio n Fabric gigabit switchi ng between chassis FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 51 Figure 18 shows dat a communication between two FortiGate-50 50 chassis using fabric channel 2. The top chas sis in the figure cont ains a FortiSwitch-500 3A[...]

  • Página 52

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 52 01-30000-85717-200812 05 Fabric gigabit switching to the network Fort iGate-5050 fabric backplane commun ication If the dat a traffic con tains VLAN-t agged pa ckets, you mu st add the VLAN tags to the FortiSwitch-5003A inte rfaces that will handle the VLAN-tagged traf f[...]

  • Página 53

    FortiGate-5050 fabric ba ckplane communicatio n Fabric gigabit switching to the network FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 53 Figure 19: Fabric channel 2 co nnected to an internal ne twork and fabric channel 1 connected to an external network If you have two FortiSwitch-5003A boards i[...]

  • Página 54

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 54 01-30000-85717-200812 05 Fabric 10-gigabit switching within a chassi s For tiGate-5 050 fabric backplane communication Fabric 10-gigabit sw itching within a chassis All of the FortiSwitch-5003A fabric front pa nel interfaces ar e 10-gigabit interfaces and the FortiSwitch[...]

  • Página 55

    FortiGate-5050 fabric ba ckplane communication Fabric 10-gigabit switching within a chassis FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 55 Figure 20: E xample 10-gigabit connection be tween internal and extern al networks The configuration shown in Figure 20 req uires no configuration ch anges[...]

  • Página 56

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 56 01-30000-85717-200812 05 Fabric channel layer-2 link aggregation Forti Gate-5050 fabric ba ckplane communication Fabric channel layer-2 link aggregation FortiSwitch-5003A boards supp ort 802.3ad st atic mode layer-2 link aggre gation and 802.1q VLANs for the fabric chan [...]

  • Página 57

    FortiGate-5050 fabri c backplane communicat ion Fabric channel layer-2 link aggrega tion FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 57 Because the FortiGate-5 000 boards in a link a ggregation configurat ion operate in transparent mode, an y routing, VPN or NA T requirem ents should be handed[...]

  • Página 58

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 58 01-30000-85717-200812 05 Fabric channel layer-2 link aggregation Forti Gate-5050 fabric ba ckplane communication The For tiSwitch-5003A configurat ion consists of ad ding a trun k named trunk_345 that aggregates backpl ane slot s 3, 4, and 5: config switch fabric-channel[...]

  • Página 59

    FortiGate-5050 fabri c backplane communicatio n Fabr ic channel layer-2 link aggregati on and redundancy FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 59 Y ou must also enable the FortiSwitch -5003A board to liste n for heartbeat p ackets on all of the interfaces connected to FortiGate-5001A boa[...]

  • Página 60

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 60 01-30000-85717-200812 05 Example active-passive redundant link configuratio n FortiGate-5050 fabric ba ckplane communication • For an active-active configuration, yo u create two or more sp anning tree instances on all three devices and give some instances a highe r pr[...]

  • Página 61

    FortiGate-5050 fabric backplane communication Exam ple active-passive redundant link configu ration FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 61 Figure 22: Redundant link aggre gation confi guration External switch configuration The external switch requires the follo wing co nfiguration sett[...]

  • Página 62

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 62 01-30000-85717-200812 05 Example active-passive redundant link configuratio n FortiGate-5050 fabric ba ckplane communication 4 Add spanning tre e instance 5 for p ackets fro m the external networks. Add VLAN tags 101 to this sp anning tree instance . Set the priority of [...]

  • Página 63

    FortiGate-5050 fabric backplane communication Exam ple active-passive redundant link configu ration FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 63 6 Enable the FortiSwitch-5003 A board to listen for heartbeat p ackets on the interfaces connecte d to FortiGate-5001A boards: config switch fabric[...]

  • Página 64

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 64 01-30000-85717-200812 05 Example active-passive redundant link configuratio n FortiGate-5050 fabric ba ckplane communication Example configuration for the FortiS witch-50 03A board in slot 2 The FortiSwitch-5003A b oard in slot 2 re quir es the same configuration setting[...]

  • Página 65

    FortiGate-5050 fabric backplane communication Exam ple active-passive redundant link configu ration FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 65 Example FortiGate- 5001A configuration All of the FortiGate-5001A boards must be ope rating in transpare nt mode and all must have the same configu[...]

  • Página 66

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 66 01-30000-85717-200812 05 Example active-active redundant link configur ation FortiGate-5050 fabric ba ckplane communication Example active-active redundant link configuration Y ou can make th e previous e xample an ac tive-active redundant link configur ation that sends [...]

  • Página 67

    FortiGate-5140 and 505 0 base backplane communication FortiSwitch-5003A an d 5003 Fabric and Base Backplane Communications Guide 01-30000-85717-200812 05 67 FortiGate-5140 and 5050 base backplane communication The FortiGate-5140 chassis and the FortiGate-5050 chassis have two base backplane Ethernet ch annels. Available con nections to these channe[...]

  • Página 68

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 68 01-30000-85717-200812 05 Base channel connections between Fo rtiSwitch-5003A bo ards FortiGate-5140 and 505 0 bas e backplan e communication This section cont ains example base chan nel HA and network configura tions for each hardware combination. It also di scusses how [...]

  • Página 69

    FortiGate-5140 and 505 0 base backplane commun ication Base backplane HA configurations FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 69 It makes no difference which Fort iSwitch- 5003A base front pane l interfaces you use to link the base channels. Y ou can con nect an Ethernet cable, either st[...]

  • Página 70

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 70 01-30000-85717-200812 05 Base backplane HA configurations FortiGat e-5140 and 5050 base ba ckplane communication • Separate multiple sensitive or high volume communications, such as HA communications for multiple clusters. For example, if you have two busy FortiGate-50[...]

  • Página 71

    FortiGate-5140 and 505 0 base backplane commun ication Base backplane HA configurations FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 71 Figure 26: F ortiGate-5140 inter-chassis HA cluster us ing both base backplan e heartbeat interfaces (through FortiSwitch-5003A boards in hu b/switch slots 1 a[...]

  • Página 72

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 72 01-30000-85717-200812 05 Base backplane HA configurations FortiGat e-5140 and 5050 base ba ckplane communication Figure 27: FortiGate-5005FA2 heartbeat failo ver from hub/switch slot 1 (base1) to hub/switch slot 2 (base2) Figure 28: FortiGate-5001SX/FortiGate -5001F A 2 [...]

  • Página 73

    FortiGate-5140 and 505 0 base backplane commun ication Base backplane HA configurations FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 73 T o configure HA interface failover to use two FortiSwitch boar ds 1 Insert the FortiSwitch boards into chassis hub/switch sl ot 1 and hub/switch slot 2. If yo[...]

  • Página 74

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 74 01-30000-85717-200812 05 Base backplane HA configurations FortiGat e-5140 and 5050 base ba ckplane communication Figure 29: FortiGate-5050 HA cluster with on e available b ase backplane heartbeat interface (through a FortiSwitc h-5003A board in slot 2) Figure 30: FortiGa[...]

  • Página 75

    FortiGate-5140 and 505 0 base backplane commun ication Base backplane HA configurations FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 75 T o configure your HA cluster to use the base backplane interface connected through a single FortiSwitch, the base back plane interface must be enab led as a h[...]

  • Página 76

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 76 01-30000-85717-200812 05 Base backplane HA configurations FortiGat e-5140 and 5050 base ba ckplane communication Figure 32: FortiGate-5001SX/FortiGate-5 001F A2 HA through slot 2 (p ort10) with failover to a non-base back plane interface (port8) T o configure HA communic[...]

  • Página 77

    FortiGate-5140 and 505 0 base backplane commun ication Base backplane HA configurations FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 77 • If interface priorities are not all equal, set the base backplane interface priority to a higher value than all other interf aces. • If interface priorit[...]

  • Página 78

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 78 01-30000-85717-200812 05 Base backplane HA configurations FortiGat e-5140 and 5050 base ba ckplane communication This list is sorted into hash map order , rather than purely by alphabetical order or purely by interface n umber value comp ar isons. As a result, the list i[...]

  • Página 79

    FortiGate-5140 and 505 0 base backplane commun ication Base backplane data configurations FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 79 Base backplane dat a configurations In addition to HA traffic, FortiSwitch boar ds can pass other traf fic types through or to the base backplane. Like HA sc[...]

  • Página 80

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 80 01-30000-85717-200812 05 Base backplane data configurations FortiGat e-5140 and 505 0 base backplane communication Connecting FortiGate bo ards to the network By installing one or two FortiSwitch boards per chassis, you can connect FortiGate boards to the network or Inte[...]

  • Página 81

    FortiGate-5020 base backplane communi cation HA configurations FortiSwitch-5003A an d 5003 Fabric and Base Backplane Communications Guide 01-30000-85717-200812 05 81 FortiGate-5020 base backplane communication The FortiGate-5020 chassis has two base backplane Ethernet channels. FortiGate mo dules inst alled in each slot can directly connect to the [...]

  • Página 82

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 82 01-30000-85717-200812 05 HA configurations FortiGate-502 0 base backplan e communication Heartbeat failover between channels T o configure your HA cluster with a heart beat that fails over between the two base backplane inte rfaces, both bas e backplane interf aces must [...]

  • Página 83

    FortiGate-5020 base backplane communi cation HA configurations FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 83 Figure 34: FortiGate-5005F A2 hear tbeat fa ilover between base backplane channels Figure 35: FortiGate-5001SX/F ortiGate-5001F A2 hea rtbeat failover be tween base backplane channels [...]

  • Página 84

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 84 01-30000-85717-200812 05 Inter-chassis HA configurations FortiG ate-5020 base backp lane communication 3 On each FortiGate module to be included in the HA cluster , go to System > Config > HA . 4 Select the Mode, then enter the Group Na me, and Password. Y ou may a[...]

  • Página 85

    FortiGate-5020 base backplane communication Inter-chassis HA configurations FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 85 Figure 36: FortiGate-5020 in ter-chassis n etwork and h eartbeat connection s Figure 37: FortiGate-5001SX/F ortiGate-5001F A2 in ter-chassis hear tbeat interf ace configur[...]

  • Página 86

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 86 01-30000-85717-200812 05 Network configurations FortiGate- 5020 base backplan e communication Network configurations In addition to HA traff ic, the Fort iGate-5020chassis base backpla ne can pass other traf fic types, including VLAN tagge d network traf fic. FortiGate m[...]

  • Página 87

    FortiGate-5020 base backplane communi cation Network configurations FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 87 Figure 39: Network co nnection betwee n two modules in the same c hassis PSU A PSU B PWR STA IPM CONSOLE USB 1 2 3 4 5 6 7 8 ACC PWR STA IPM CONSOLE USB 1 2 3 4 5 6 7 8 ACC base b[...]

  • Página 88

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 88 01-30000-85717-200812 05 Network configurations FortiGate- 5020 base backplan e communication[...]

  • Página 89

    FortiSwitch-5003A CLI reference Connecting to the CLI FortiSwitch-5003A an d 5003 Fabric and Base Backplane Communications Guide 01-30000-85717-200812 05 89 FortiSwitch-5003A CLI reference This chapter descr ibes the Fort iSwitch-5003A CLI config, execut e, and get co mmands and some diagnose commands. This ch apter also describe s how to connect t[...]

  • Página 90

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 90 01-30000-85717-200812 05 Connecting to the CLI FortiSwitch-5003A CL I reference 6 Select the following port settings and select OK. 7 Press Enter to connect to the FortiSwitch-5003A CLI. A prompt similar to the following appears. FS5A033E08000111 login: The prompt inclu [...]

  • Página 91

    FortiSwitch-5003A CLI reference Connecting to the CLI FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 91 Connecting to the FortiSw itch-5003A CLI using SSH Secure Shell (SSH) provides strong se cure authentication and secure communications to th e FortiSwitch-5003A CLI from your inter nal network [...]

  • Página 92

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 92 01-30000-85717-200812 05 config FortiSwitch-5003A CL I reference config The following conf ig commands ar e available: • admin user • route sta tic • switch fabric-channel in terface • switch fabric-channel physical- port • switch fabric-channel stp inst ance ?[...]

  • Página 93

    FortiSwitch-5003A CLI reference config FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 93 route static Use this command to add, edit, or delete static routes for the mgmt inter face. Syntax config route static edit <sequence_number> set device <interface_name> set dst <destination-a[...]

  • Página 94

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 94 01-30000-85717-200812 05 config FortiSwitch-5003A CL I reference switch fabric-channel interface Use this command to configure the VLANs allo wed on FortiSwitch-5003A fabr ic channel interfaces. Y ou can also change the native VLAN for each interface and disable or enab [...]

  • Página 95

    FortiSwitch-5003A CLI reference config FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 95 Example This example shows how to allow VLAN t ags 201 to 210 on slots 6, 8, and 10 and the F1 front panel interface. config switch fabric-channel interface edit "slot-6" set allowed-vlans 1,201-210[...]

  • Página 96

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 96 01-30000-85717-200812 05 config FortiSwitch-5003A CL I reference switch fabric-channel physical-port Use this command to change the administr ative status of FortiSwitch- 5003A fabric channel interfaces (bring each interface up or do wn) and configure ea ch fabric channe[...]

  • Página 97

    FortiSwitch-5003A CLI reference config FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 97 Examples This example shows how to enable the FortiSwitch-5003A board to listen for h eartbeat p ackets on the interfaces for chassis slots 6, 8, and 10: config switch fabric-channel physical-port edit "[...]

  • Página 98

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 98 01-30000-85717-200812 05 config FortiSwitch-5003A CL I reference switch fabric-channel stp instance Use this command to add and configure 80 2.1s Mult i-S panning T ree Protocol (MSTP) sp anning tree instances. A sp anning tree instance consists of the followin g: • An[...]

  • Página 99

    FortiSwitch-5003A CLI reference config FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 99 config stp-port Use this command to change th e spannin g tree cost and priority fo r each FortiSwitch-5003A in terface in a spanning tree inst ance. When you add a new spanning tree instance th e cost of eac[...]

  • Página 100

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 100 01-30000-85717-200812 05 config FortiSwitch-5003A CL I reference switch fabric-channel stp settings Use this command to change MSTP spa nning tree ti mers, specify an MSTP reg ion name and use a revision number to track cha nges to the MSTP configur ation. All of these [...]

  • Página 101

    FortiSwitch-5003A CLI reference config FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 101 switch fabric-channel trunk Use this command to create a trunk and add Fort iSwi tch-5003A interfaces to the trunk. Y ou use trunks to group FortiSwitch-5003A inter faces so that you can use 802.3ad st atic [...]

  • Página 102

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 102 01-30000-85717-200812 05 config FortiSwitch-5003A CL I reference Related topics • config switch fabric-channel interface • config switch fabric-channel physical-port • config switch fabric-channel stp inst ance • config switch fabric-channel stp settings[...]

  • Página 103

    FortiSwitch-5003A CLI reference config FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 103 system global Use this command to enable da ylight saving ti me and co nfigure the hostname and time zone for a FortiSwitch-5003A board. Syntax config system global set daylightsavetime {disable | enable} se[...]

  • Página 104

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 104 01-30000-85717-200812 05 config FortiSwitch-5003A CL I reference system interface Use this command to change the IP address and management access setting of the FortiSwitch-5003A mgmt (managem ent) interface a nd to bring the mgmt interface up or down. Syntax config sys[...]

  • Página 105

    FortiSwitch-5003A CLI reference execute FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 105 execute The following execute commands are availa ble: • backup • bootimage • date • factory- reset • ping • reboot • restore • shutdown • time • top • traceroute backup Back up the Fo[...]

  • Página 106

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 106 01-30000-85717-200812 05 execute FortiSwitch-5003A CL I reference bootimage Use this command to change the firmware image used to start the FortiSwitch- 5003A board by switching between the primary or se condary firmware image. T o use this command you must install a pr[...]

  • Página 107

    FortiSwitch-5003A CLI reference execute FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 107 date Display or set the system date. Syntax execute date [<date_str>] date_str has th e form mm/dd/yyyy , where • mm is the mont h and can be 1 to 12 • dd is the day o f the mo nth and ca n be 1 t[...]

  • Página 108

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 108 01-30000-85717-200812 05 execute FortiSwitch-5003A CL I reference factory-reset Reset the FortiSwitch-5 003A configuration to factory default settings. Syntax execute factory-reset ! Caution: This command deletes all chan ges that you have made to the FortiSwitch-5 003A[...]

  • Página 109

    FortiSwitch-5003A CLI reference execute FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 109 ping Send an ICMP echo request (ping) to test the network connection be tween the FortiSwitch-5003A mgmt interface and an other network device. Y ou must add a DNS server to the FortiSwitch-5 003A configura[...]

  • Página 110

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 11 0 01-30000-85717-20081205 execute FortiSwitch-5003A CL I reference reboot Rest art the FortiSwitch-5003A boa rd. While the FortiS witch-50 03A board is reboo ting it cannot fo rward traf fic. Syntax execute reboot[...]

  • Página 111

    FortiSwitch-5003A CLI reference execute FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 111 restore Use this command to restore th e FortiSwitch-5003A configu ration from a file on a TFTP server or change the FortiSwitch-5003A firmware. Syntax execute restore config <filename> <tftp_ipv4&[...]

  • Página 112

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 11 2 01-30000-85717-20081205 execute FortiSwitch-5003A CL I reference shutdown Shut down the FortiSwitch-5003A board no w . Y ou will be prompted to confirm the shutdown. Syntax execute shutdown[...]

  • Página 113

    FortiSwitch-5003A CLI reference execute FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 11 3 time Get or set the system time. Syntax execute time [<time_str>] time_str has the form hh:mm:ss , where • hh is the hour and can be 00 to 23 • mm is the minutes and can be 00 to 59 • ss is the[...]

  • Página 114

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 11 4 01-30000-85717-20081205 execute FortiSwitch-5003A CL I reference top Display a list of processes running on the FortiSwitch-500 3A board. The command also displays information ab out each proce ss. Mem: 100168K used, 406696K free, 0K shrd , 344K buff, 75092K cached CPU[...]

  • Página 115

    FortiSwitch-5003A CLI reference execute FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 11 5 traceroute T est the connection between the For tiSwitch-5003A board and an address or hostname and display information ab out the network hop s between the addr ess and the FortiSwitch-5003A boar d. Y ou [...]

  • Página 116

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 11 6 01-30000-85717-20081205 get FortiSwitch-5003A CL I reference get The following get commands are av ailable: • system performance • system status system performance Use this command to display FortiSwitch-5003A CP U usage, memory usage, and USB disk usage. Syntax ge[...]

  • Página 117

    FortiSwitch-5003A CLI reference get FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 11 7 system status Use this command to display FortiSwitch-5 003A system status informatio n including: • firmware version, build number and branch point • serial number • host name • system time and date a[...]

  • Página 118

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 11 8 01-30000-85717-20081205 diagnose FortiSwitch-5003 A CLI reference diagnose This section describes some of the ava ilable FortiSwitch-5003A diagnose commands. Y ou can use diagnose commands for debugging the operation of the FortiSwitch- 5003A board and to set par amete[...]

  • Página 119

    FortiSwitch-5003A CLI reference diagnose FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 11 9 spanning-tree instance fabric-channel Display the configuration of a spannin g tree instanc e for an interface. For example, to disp lay the configuration of spa nning tree instan ce 5 for the FortiSwitch[...]

  • Página 120

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 120 01-30000-85717-200812 05 diagnose FortiSwitch-5003 A CLI reference spanning-tree mst-config fabric-channel Display the FortiSwitch-5003 A fabric channel MSTP config uration. Syntax diagnose spanning-tree mst-config fabric-channel Example output MST Configuration Identif[...]

  • Página 121

    FortiSwitch-5003A CLI reference diagnose FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 121 switch fabric-channel mac-address filter Filter the FortiSwitch-5003A MAC addresses. Syntax diagnose switch fabric-channel mac-address filter <filter> Where <filter> can be: • clear clear fil[...]

  • Página 122

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 122 01-30000-85717-200812 05 diagnose FortiSwitch-5003 A CLI reference switch fabric-channel mac-address list V erify the FortiSwitch-5003A MAC addr ess table. Syntax diagnose switch fabric-channel mac-address list Example output MAC: 00:09:0f:09:37:02 VLAN: 904 Trunk: slot[...]

  • Página 123

    Index FortiSwitch-5003A an d 5003 Fabric and Base Backplane Communications Guide 01-30000-85717-200812 05 123 Index Numerics 802.1q VLANs 33, 36, 56, 59 802.1s Multi-Spanning Tree Protocol 36, 59, 98 802.3ad dynamic mode layer-2 li nk aggregation 8, 33, 56 802.3ad static mode layer-2 link aggregation 8, 33, 36, 56, 59, 101 A active-active redundant[...]

  • Página 124

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 124 01-30000-85717-200812 05 Index fabric channel 1 24 channel 1 and 2 26, 49 channel 2 48 connection between F ortiSwit ch-5003A boards 27, 50 gigabit switching be tween chassis 27, 50 gigabit switching to the network 29, 52 gigabit switching within a chassis 24, 48 fabric[...]

  • Página 125

    Index FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 125 hops maximum 100 MSTP max-hops 100 hostname FortiSwitch-5003A 10 3 hub/switch slots 24, 48 hub/switch slot 1 23, 47, 67, 72, 73, 76, 77, 79 hub/switch slot 2 23, 47, 67, 68, 72, 73, 76, 77, 79 hub/switch slot number 23, 47 , 67 hub/switch s[...]

  • Página 126

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 126 01-30000-85717-200812 05 Index restore CLI command 111 revision 100 MSTP revision number 100 robustness 77 route static CLI command 93 S show backplane interface s 25, 28, 30, 49, 51, 53 shutdown CLI command 112 single point of failure 74, 77 slot hub/switch 24, 48 slot[...]

  • Página 127

    For more information Fortinet documentation FortiSwitch-5003A and 5003 Fabric and Base Backplane Communica tions Guide 01-30000-85717-2008 1205 127 For more information Support for you r Fortinet prod uct is available as onlin e help from within the web-based manager, fro m the T ools and Document ation CD included with the product, on the Fortinet[...]

  • Página 128

    FortiSwitch-5003A and 5003 Fabric and Base Backp lane Communications Gui de 01-30000-85717-200812 05 www.fortinet.com © Copyright 2008 Fortinet, Inc. All rights rese rved. No part of this publicatio n including text, examples, diagrams or illustrations may be reproduced, transmitted, or tran slated in any form or by any means, electronic, mechanic[...]