Fortinet FortiGate-5001FA2 manual Base backplane gigabit communication

Page 8

Base backplane gigabit communication

FortiGate-5001FA2 security system

Session Oriented Traffic with long session lifetime, such as FTP sessions.

Packet size does not affect performance for traffic with long session lifetime. For long sessions, processing that would otherwise be handled by the FortiGate-5001FA2 CPUs is off-loaded to the acceleration module.

Firewall and intrusion protection (IPS), when there is a reasonable percentage of P2P packets.

Firewall, intrusion protection (IPS), and antivirus, when there is a reasonable percentage of P2P packets.

Firewall and IPSec VPN applications.

The following traffic scenarios should be handled by the normal (or non- accelerated) FortiGate-5001FA2 interfaces:

Session oriented traffic when the session lifetime is very short.

Firewall and antivirus only applications.

Traffic will not be off-loaded to the FortiGate-5001FA2 accelerator module. The result will be high CPU usage because of the high CPU requirement for antivirus scanning.

FA2 interfaces and active-active HA performance

FortiOS v3.0 MR4 firmware can also use FA2 acceleration to improve active-active HA load balancing performance. See the FortiGate HA Overview or the FortiGate HA Guide for more information.

Base backplane gigabit communication

The FortiGate-5001FA2 port9 and port10 base backplane gigabit interfaces can be used for HA heartbeat communication between FortiGate-5001FA2 boards installed in the same or in different FortiGate-5000 chassis. You can also configure FortiGate-5001FA2 boards to use the base backplane interfaces for data communication between FortiGate boards. To support base backplane communications your FortiGate-5140 or 5050 chassis must include one or more FortiSwitch-5003 boards. FortiSwitch-5003 boards are installed in chassis slots 1 and 2. The FortiGate-5020 chassis supports base backplane communication with no additions or changes to the chassis.

For information about base backplane communication in FortiGate-5140 and FortiGate-5050 chassis, see the FortiGate-5000 Base Backplane Communication Guide. For information about the FortiSwitch-5003 board, see the FortiSwitch-5003 Guide.

 

FortiGate-5001FA2 Security System Guide

8

01-30000-0379-20080606

Page 7 Page 9
Image 8
Page 7 Page 9
Contents C u r i t y S y s t e m G u i d e Page Contents For more information FortiGate-5001FA2 security system Front panel LEDs and connectors LEDsConnectors Accelerated packet forwarding and policy enforcementBase backplane gigabit communication FA2 interfaces and active-active HA performanceTo install FortiGate-5001FA2 RAM DIMMs RAM DIMMsInstalling SFP transceivers Location of FortiGate-5001FA2 RAM Dimm slotsChanging FortiGate-5001FA2 jumper settings To install SFP transceiversFortiGate-5001FA2 jumper settings To change or verify the JP3 jumper setting Inserting a FortiGate-5001FA2 board into a chassisInsertion procedure Before inserting the FortiGate-5001FA2 board in a chassisClosed OpenHandle Unlock FortiGate-5001FA2 normal operating LEDs Removing a FortiGate-5001FA2 board from a chassis FortiGate-5001FA2 does not startup TroubleshootingAll chassis left handle not contacting power switch Location of FortiGate-5001FA2 power switch All chassis Firmware problem FortiGate-5001FA2 cannot display chassis informationPlanning the configuration Registering your Fortinet productNAT/Route mode Transparent modeWeb-based manager Choosing the configuration toolCommand Line Interface CLI Factory default settings Configuring NAT/Route modeTo configure the Default Gateway Using the web-based manager to configure NAT/Route modeTo configure interfaces Go to System Network Interface Using the CLI to configure NAT/Route mode Config system interface edit port2To switch from NAT/Route mode to transparent mode Configuring Transparent modeUsing the web-based manager to configure Transparent mode Using the CLI to configure Transparent mode To upgrade the firmware using the web-based managerUpgrading FortiGate-5001FA2 firmware Go to System StatusUnder System Information Firmware Version, select Update To upgrade the firmware using the CLIFortiGate-5001FA2 base backplane data communication Powering off the FortiGate-5001FA2 board To power off a FortiGate-5001FA2 boardPowering off the FortiGate-5001FA2 board Register your Fortinet product Customer service and technical supportFortinet documentation Trademarks Regulatory compliance
Top Page Image Contents