Fortinet black logo

Hardware Acceleration

Configuring hyperscale UDP timeout profiles

Configuring hyperscale UDP timeout profiles

If your FortiGate is licensed for hyperscale firewall features, you can use the following command to create one or more UDP timeout profiles. Once you have created UDP timeout profiles, in a firewall policy in a hyperscale firewall VDOM, you can use the udp-timeout-pid firewall policy option to select a UDP timeout profile to apply to traffic accepted by the hyperscale firewall policy.

config system npu

config udp-timeout-profile

edit {8 | 9 | 10 | ... | 63}

set udp-idle <seconds>

end

udp-idle UDP idle timeout in seconds. Range 1 to 86400, default 180.

For example, use the following command to create UDP timeout profile number 45:

config global

config system npu

config udp-timeout-profile

edit 45

set udp-idle <seconds>

end

Use the following command to apply UDP timeout profile number 45 to a hyperscale firewall policy:

config vdom

edit <hyperscale-firewall-vdom-name>

config firewall policy

edit 1

set action accept

set policy-offload enable

...

set udp-timout-pid 45

...

end

Configuring hyperscale UDP timeout profiles

If your FortiGate is licensed for hyperscale firewall features, you can use the following command to create one or more UDP timeout profiles. Once you have created UDP timeout profiles, in a firewall policy in a hyperscale firewall VDOM, you can use the udp-timeout-pid firewall policy option to select a UDP timeout profile to apply to traffic accepted by the hyperscale firewall policy.

config system npu

config udp-timeout-profile

edit {8 | 9 | 10 | ... | 63}

set udp-idle <seconds>

end

udp-idle UDP idle timeout in seconds. Range 1 to 86400, default 180.

For example, use the following command to create UDP timeout profile number 45:

config global

config system npu

config udp-timeout-profile

edit 45

set udp-idle <seconds>

end

Use the following command to apply UDP timeout profile number 45 to a hyperscale firewall policy:

config vdom

edit <hyperscale-firewall-vdom-name>

config firewall policy

edit 1

set action accept

set policy-offload enable

...

set udp-timout-pid 45

...

end