Initial setup
For the meaning of LEDs, see the Quick Start Guide (QSG).
Internet Access
For FortiGuard updates please have a stable internet access from the FortiNDR unit. Go to System > FortiGuard for updates via Internet. For offline deployments please refer to Appendix D - FortiGuard Updates.
Ports
Port1 and port2 are hard-coded to be management port and sniffer port.
The following is the initial port configuration.
Port | Type | Function |
---|---|---|
Port1 |
10GE copper (10G or 1G autodetect) |
Management port, GUI, Fabric devices files receiving, REST API, ICAP. Default IP address is |
Port2 |
10GE copper (10G or 1G autodetect) |
Sniffer port. |
Port3 Port4 |
1G Copper |
High availability |
Port5 Port6 Port7 Port8 |
10G SPF+ fiber (gen3 only) |
Reserve for future use* |
Console |
Serial port |
Console serial port. 9600 baud, 8 data bits, 1 stop bit, no parity, XON/XOFF. |
While the FortiGate port2 sniffer comes in 10GE copper, it also auto detects 1/10G interfaces. If the switch supports SFP+, you can use the FN-TRAN-SFP+GC transceiver. SKU: FN-TRAN-SFP+GC Product Name: 10GE copper SFP+ RJ45 transceiver (30m range) Description: 10GE copper SFP+ RJ45 Fortinet transceiver (30m range) for systems with SFP+ slots. 10GE copper supports up to 100m cable distance to switch or FortiGate. Ideally the shorter the cable the better the performance, avoiding retransmission and packet loss over physical medium. |
Use CAT 8 copper cable to achieve the maximum performance of up to 40Gbps for sniffer. For differences in CAT cables, see https://www.cablesandkits.com/learning-center/what-are-cat8-ethernet-cables. |
*For customers who are required to use SFP+ ports (available in gen3 hardware only) for management and capture (sniffer), pls contact local CSE for details. |