Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1493
Views
10
Helpful
5
Replies

Nexus 5672 - Problem connecting to Fortigate 1800F with 40GE

udo.konstantin
Level 1
Level 1

‎04-25-2022 04:45 AM

Hello community, 

 

we are facing a strange problem while connecting a Nexus 5672UP (7.3.8.N1.1) to a Fortigate 1800F. 

For connectivity we tried Port 2/3 (6 x 40GE Ports) with Cisco DAC cables. The transceiver would be recognized but the link show 
Ethernet2/3 is down (Link not connected)

The configuration is quite simple and nothing complicated: 

switchport mode trunk

also hardcode the bandwidth 40GE 

 

We tried several cables, but none worked.

 

On Fortigate Site the interface hast the following configuration: 

set vdom "root"

        set vrf 0

        set fortilink disable

        set mode static

        set dhcp-relay-interface-select-method auto

        set dhcp-relay-service disable

        set management-ip 0.0.0.0 0.0.0.0

        set ip 0.0.0.0 0.0.0.0

        unset allowaccess

        set fail-detect disable

        set arpforward enable

        set broadcast-forward disable

        set bfd global

        set l2forward disable

        set icmp-send-redirect enable

        set icmp-accept-redirect enable

        set vlanforward disable

        set stpforward disable

        set ips-sniffer-mode disable

        set ident-accept disable

        set ipmac disable

        set subst disable

        set substitute-dst-mac 00:00:00:00:00:00

        set status up

        set netbios-forward disable

        set wins-ip 0.0.0.0

        set type physical

        set netflow-sampler disable

        set sflow-sampler disable

        set src-check enable

        set sample-rate 2000

        set polling-interval 20

        set sample-direction both

        set explicit-web-proxy disable

        set explicit-ftp-proxy disable

        set proxy-captive-portal disable

        set tcp-mss 0

        set mediatype sr4

        set inbandwidth 0

        set outbandwidth 0

        set egress-shaping-profile ''

        set ingress-shaping-profile ''

        set disconnect-threshold 0

        set spillover-threshold 0

        set ingress-spillover-threshold 0

        set weight 0

        set external disable

        set description ''

        set alias ''

        set security-mode none

        set device-identification disable

        set lldp-reception vdom

        set lldp-transmission vdom

        set estimated-upstream-bandwidth 0

        set estimated-downstream-bandwidth 0

        set measured-upstream-bandwidth 0

        set measured-downstream-bandwidth 0

        set bandwidth-measure-time 0

        set monitor-bandwidth disable

        set vrrp-virtual-mac disable

        set role undefined

        set snmp-index 43

        set secondary-IP disable

        set preserve-session-route disable

        set auto-auth-extension-device disable

        set ap-discover enable

        set ip-managed-by-fortiipam disable

        set switch-controller-mgmt-vlan 4094

        set switch-controller-igmp-snooping-proxy disable

        set switch-controller-igmp-snooping-fast-leave disable

        set swc-first-create 0

        set np-qos-profile 0

        config ipv6

            set ip6-mode static

            set nd-mode basic

            set ip6-address ::/0

            unset ip6-allowaccess

            set icmp6-send-redirect enable

            set ra-send-mtu enable

            set ip6-reachable-time 0

            set ip6-retrans-time 0

            set ip6-hop-limit 0

            set dhcp6-prefix-delegation disable

            set dhcp6-information-request disable

            set vrrp-virtual-mac6 disable

            set vrip6_link_local ::

            set ip6-send-adv disable

            set autoconf disable

            set dhcp6-relay-service disable

        end

        set priority 0

        set dhcp-client-identifier ''

        set dhcp-renew-time 0

        set dns-server-override enable

        set speed 40000full

        set mtu-override disable

        set wccp disable

        set drop-overlapped-fragment disable

        set drop-fragment disable

 

Does anyone have any idea as to what could be causing this?

 

Thanks 
Udo 

1 person had this problem
5 Replies 5

MHM Cisco World
VIP
VIP

‎04-25-2022 06:12 AM - edited ‎04-26-2022 06:20 AM

...

0 Helpful

udo.konstantin
Level 1
Level 1
In response to MHM Cisco World

‎04-25-2022 07:51 AM

Hi,

This seems not the problem because only the QSFP 40GE Interfaces (2/1-6) are affected.

Kind Regards
Udo
0 Helpful

MHM Cisco World
VIP
VIP
In response to udo.konstantin

‎04-25-2022 12:25 PM - edited ‎04-26-2022 06:20 AM

...

0 Helpful

MHM Cisco World
VIP
VIP

‎04-26-2022 06:21 AM - edited ‎04-26-2022 06:27 AM

https://www.cisco.com/c/en/us/products/collateral/interfaces-modules/transceiver-modules/data_sheet_c78-660083.html

check this data sheet 

 

module-1# show hardware internal tah event-history front-port x <- check if you get something from this show command

udo.konstantin
Level 1
Level 1
In response to MHM Cisco World

‎04-27-2022 08:09 AM

@MHM Cisco World ,

 

thank you for this informations. It seems to be this command is only in N7K available. But but currently I'm still waiting until I can access the Nexus again. I will inform you. 

 

Regards

Udo 

0 Helpful
Customers Also Viewed These Support Documents