Fortinet Document Library

Version:

Version:

Version:

Version:


Table of Contents

Hardware Acceleration

Download PDF
Copy Link

Displaying information about security processing modules

You can display information about installed SP modules using the CLI command

diagnose npu spm

For example, for the FortiGate-5101C:

FG-5101C # diagnose npu spm list

Available SP Modules:

 

ID Model       Slot      Interface

0 xh0          built-in  port1, port2, port3, port4,

                        base1, base2, fabric1, fabric2

                        eth10, eth11, eth12, eth13

                        eth14, eth15, eth16, eth17

                        eth18, eth19

You can also use this command to get more info about SP processing. This example shows how to display details about how the module is processing sessions using the syn proxy.

diagnose npu spm dos synproxy <sp_id>

This is a partial output of the command:

Number of proxied TCP connections :                 0

Number of working proxied TCP connections :         0

Number of retired TCP connections :                 0

Number of valid TCP connections :                   0

Number of attacks, no ACK from client :             0

Number of no SYN-ACK from server :                  0

Number of reset by server (service not supported): 0

Number of established session timeout :              0

Client timeout setting :                            3 Seconds

Server timeout setting :                            3 Seconds

Displaying information about security processing modules

You can display information about installed SP modules using the CLI command

diagnose npu spm

For example, for the FortiGate-5101C:

FG-5101C # diagnose npu spm list

Available SP Modules:

 

ID Model       Slot      Interface

0 xh0          built-in  port1, port2, port3, port4,

                        base1, base2, fabric1, fabric2

                        eth10, eth11, eth12, eth13

                        eth14, eth15, eth16, eth17

                        eth18, eth19

You can also use this command to get more info about SP processing. This example shows how to display details about how the module is processing sessions using the syn proxy.

diagnose npu spm dos synproxy <sp_id>

This is a partial output of the command:

Number of proxied TCP connections :                 0

Number of working proxied TCP connections :         0

Number of retired TCP connections :                 0

Number of valid TCP connections :                   0

Number of attacks, no ACK from client :             0

Number of no SYN-ACK from server :                  0

Number of reset by server (service not supported): 0

Number of established session timeout :              0

Client timeout setting :                            3 Seconds

Server timeout setting :                            3 Seconds