
Fortinet 5003 User Manual


FortiGate-5050 fabric backplane communication

Fabric 10-gigabit switching within a chassis

FortiSwitch-5003A and 5003 Fabric and Base Backplane Communications Guide
01-30000-85717-20081205


Figure 20: Example 10-gigabit connection between internal and external networks

The configuration shown in Figure 20 requires no configuration changes to the
FortiSwitch-5003A boards except to disable communication between the
FortiSwitch-5003A boards (if required, see “Fabric channel connections between
FortiSwitch-5003A boards” on page 50).

To allow traffic to pass between the internal and external networks, the
FortiGate-5001A board operates in NAT/Route mode, and you must configure
firewall policies and routing for the fabric1 and fabric2 interfaces. No
configuration changes are required to use the FortiGate-RTM-XB2 module. The
FortiGate-RTM-XB2 module automatically applies NP2 acceleration to traffic
passing between the internal and external networks.

If the data traffic contains VLAN-tagged packets, you must add the VLAN tags to
the FortiSwitch-5003A interfaces that will handle the VLAN-tagged traffic. For
example, to allow VLAN tags 80 to 90 on slot 1 and the F7 front panel interface,
from the FortiSwitch-5003A CLI enter:

    config switch fabric-channel interface
        edit "slot-1"
            set allowed-vlans 1,80-90
        next
        edit "f7"
            set allowed-vlans 1,80-90
    end
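To check that only the intended VLANs are allowed on each fabric-channel interface, the following added example (not part of the Fortinet guide) parses configuration text in the format of the CLI block above and reports interfaces whose allowed-vlans list differs from the expected one. The function names and the "slot-2" entry in the sample are hypothetical, and the script assumes the configuration is available as plain text.

```python
import re
# Constructed sample in the page's CLI format; "slot-2" is a hypothetical extra entry.
SAMPLE_CONFIG = '''
config switch fabric-channel interface
    edit "slot-1"
        set allowed-vlans 1,80-90
    next
    edit "slot-2"
        set allowed-vlans 1,80-95
    next
    edit "f7"
        set allowed-vlans 1,80-90
end
'''

def expand_vlans(spec):
    """Expand a list such as '1,80-90' into a set of VLAN IDs."""
    vlans = set()
    for part in spec.split(","):
        lo, _, hi = part.strip().partition("-")
        lo, hi = int(lo), int(hi or lo)   # a single ID is a range of one
        if not 1 <= lo <= hi <= 4094:
            raise ValueError(f"invalid VLAN range: {part!r}")
        vlans.update(range(lo, hi + 1))
    return vlans

def parse_allowed_vlans(config_text):
    """Map each 'edit' entry to its VLAN set (empty if it has no allowed-vlans line)."""
    result, current = {}, None
    for line in map(str.strip, config_text.splitlines()):
        m = re.fullmatch(r'edit "?([^"]+)"?', line)
        if m:
            current = m.group(1)
            result[current] = set()
        elif current and line.startswith("set allowed-vlans "):
            result[current] = expand_vlans(line.split(None, 2)[2])
        elif line in ("next", "end"):
            current = None            # ignore settings outside an entry
    return result

def audit(config_text, expected_spec):
    """Return {interface: (extra VLANs, missing VLANs)} for every mismatch."""
    expected = expand_vlans(expected_spec)
    findings = {}
    for name, vlans in parse_allowed_vlans(config_text).items():
        if vlans != expected:
            findings[name] = (sorted(vlans - expected), sorted(expected - vlans))
    return findings

print(audit(SAMPLE_CONFIG, "1,80-90"))
```

An interface reported with extra VLANs carries tagged traffic that the design did not call for; one reported with missing VLANs has not been given the tags described above.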

[Figure 20 labels: FortiGate-5001A board installed in FortiGate-5050 front panel slot 3; FortiGate-RTM-XB2 module installed in RTM slot 3 provides two 10-gigabit fabric channels and NP2 acceleration for the FortiGate-5001A board; external 10-gigabit network connected to fabric channel 1 (10-gigabit data communication); internal 10-gigabit network connected to fabric channel 2 (10-gigabit data communication).]

Note: On some versions of the FortiGate-5001A firmware, when a FortiGate-5001A board
starts up with a FortiGate-RTM-XB2 module installed, the fabric1 and fabric2 interfaces are
replaced with interfaces that are named RTM/1 and RTM/2 to indicate the presence of the
FortiGate-RTM-XB2 module. Configuration settings that include the fabric1 and fabric2
interface names will have to be changed to use the RTM/1 and RTM/2 interface names.