Fortinet FIM-7920E, FortiGate-7000E Series, FIM-7901E User Manual
FIM-7920E Processing Module Guide
FortiGate-7000E Series
FORTINET DOCUMENT LIBRARY
https://docs.fortinet.com
FORTINET VIDEO GUIDE
https://video.fortinet.com
FORTINET BLOG
https://blog.fortinet.com
CUSTOMER SERVICE & SUPPORT
https://support.fortinet.com
FORTINET TRAINING & CERTIFICATION PROGRAM
https://www.fortinet.com/support-and-training/training.html
NSE INSTITUTE
https://training.fortinet.com
FORTIGUARD CENTER
https://fortiguard.com/
END USER LICENSE AGREEMENT
https://www.fortinet.com/doc/legal/EULA.pdf
FEEDBACK
Email: techdoc@fortinet.com
October 25, 2019
FIM-7920E Processing Module Guide
01-606-411351-20191025
TABLEOFCONTENTS
Change log 4
FIM-7920E interface module 5
Mounting hardware 5
Module levers 5
Power sliders 6
Secure screws 6
Front panel interfaces 6
Physical description 7
Front panel LEDs 8
FIM-7920E C1 to C4 interface combinations 9
Supported transceivers and breakout cables 9
Changing the interface type and splitting the FIM-7920E C1 to C4 interfaces 9
Changing the interface type 9
Splitting the C1 to C4 interfaces 10
Turning the module on and off 10
NMI switch 11
FIM-7920E hardware architecture 11
Hardware installation 12
Installing QSFP28, QSFP+, SFP+, and SFP transceivers 12
To install transceivers 12
Installing the optional front cable management bracket 13
FIM-7920E mounting hardware 14
Inserting a FIM-7920E module into a chassis 15
Shutting down and removing a FIM-7920E module from a chassis 19
Troubleshooting 24
FIM-7920E does not startup 24
FIM-7920E status LED is flashing during system operation 24
Quick FIM-7920E configuration 25
Registering your FortiGate-7000 series products 25
Choosing the configuration tool 25
Changing network settings 25
Cautions and warnings 27
Environmental specifications 27
Safety 28
Regulatory notices 29
Federal Communication Commission (FCC) – USA 29
Industry Canada Equipment Standard for Digital Equipment (ICES) – Canada 29
European Conformity (CE) - EU 29
Voluntary Control Council for Interference (VCCI) – Japan 30
Bureau of Standards Metrology and Inspection (BSMI) – Taiwan 30
China 30
FIM-7920E Processing Module Guide Fortinet Technologies Inc.
Change log
Date Change description
October 25, 2019 Restructuring and bug fixing.
FIM-7920E Processing Module Guide Fortinet Technologies Inc.
FIM-7920E interface module
FIM-7920E
Power
Slider
Module
Lever
Secure
Screw
Module
Lever
Power
Slider
Secure
Screw
C1 to C4
100GigE Fabric Channel
QSFP28 Network
Interfaces (data)
M1 and M2 10GigE Base
Channel SFP+ Interfaces
(heartbeat and management)
MGMT1 - MGMT4
10/100/1000BASE-T Copper
Management Interface
Status, Alarm
HA, and Power
LEDS
USB
Power
Button
NMI
Button
The FIM-7920E interface module is a hot swappable module that provides data, management, and session
sync/heartbeat interfaces, base backplane switching, and fabric backplane session-aware load balancing for a
FortiGate-7000 series chassis. The FIM-7920E includes an integrated switch fabric and DP2 processors to load balance
millions of data sessions over the 80Gbps fabric backplane channel to FPM processor modules. The FIM-7920E also
includes a 1Gbps base backplane channel for base backplane management communication with each FPMmodule in
the chassis, one 40Gbps fabric backplane channel for fabric backplane communication with the FIM module(s) in the
chassis, and a second 1Gbps base backplane channel for base backplane communication with the FIM module(s) in the
chassis.
The FIM-7920E can be installed in any FortiGate-7000 series chassis in chassis hub/switch slots 1 or 2. The FIM-7920E
provides four Quad Small Form-factor Pluggable 28 (QSFP28) 100GigE interfaces for a FortiGate-7000 chassis. Using
a 100GBASE-SR4 QSFP28 or 40GBASE-SR4 QSFP+ transceiver, each QSFP28 interface can also be split into four
10GBASE-SR SFP+ interfaces.
You can also install FIM-7920Es in a second chassis and operate the chassis in HA mode to provide chassis failover
protection.
FIM-7920E front panel
Mounting hardware
Module levers
Use the module levers, power sliders, and secure screws to insert, secure and remove the module from the chassis.
Carefully slide the module all of the way into the chassis slot and fully close the module levers to seat the module into
the chassis slot and to connect the module to the chassis backplane connectors. When both module levers are fully
FIM-7920E Processing Module Guide Fortinet Technologies Inc.
FIM-7920E interface module 6
closed, the power sliders can be lowered to their bottom position, locking the module levers and turning on power to the
module.
Raise the power sliders to unlock the module levers and turn off module power. Then open the module levers to eject
the module from the backplane connectors; allowing the module to be removed from the chassis.
The module lever mechanism helps reduce the engagement force required to insert or eject the module from the
backplane connectors.
The module levers do not fully secure the module in the chassis. The secure screws must be tightened to reliably secure
the module in the chassis and to make sure the module remains securely connected to the backplane for power and
network connectivity.
Power sliders
Close the module levers and move the power sliders to their bottom position to lock the module levers and turn the
module power switch on.
Move the power sliders to the top position to unlock the module levers and turn the module power switch off.
Gently push the power sliders down to make sure they are in their bottom position. If the module LEDs do not light the
module is not receiving power. If this happens check the power sliders to make sure they are in their bottom position.
Secure screws
Fully tighten the secure screws to lock the module in the chassis providing a secure and reliable connection with the
backplane.
Loosen the secure screws before ejecting the module from the chassis.
Front panel interfaces
You connect the FIM-7920E to your 100Gbps networks using the C1 to C4 front panel QSFP28 interfaces. The front
panel also includes M1 and M2 SFP+ interfaces for the base channel, four Ethernet management interfaces (MGMT1 to
MGMT4), and a USB port. The USB port can be used with any USB key for backing up and restoring configuration files.
Connector Type Speed Protocol Description
C1 to C4 QSFP28 100Gbps/40Gbps/10Gbps Ethernet Four front panel 100GigE QSFP28 fabric
channel interfaces that can be connected to
100Gbps networks to distribute sessions to
the FPM processor modules installed in
chassis slots 3 and up. Using a 100GBASESR4 QSFP28 or 40GBASE-SR4 QSFP+
transceiver, each QSFP28 interface can
also be split into four 10GBASE-SR
interfaces. These interfaces also support
creating link aggregation groups (LAGs)
FIM-7920E Processing Module Guide Fortinet Technologies Inc.
FIM-7920E interface module 7
Connector Type Speed Protocol Description
that can include interfaces from multiple
FIM-7920Es.
M1 and M2 SFP+ 10Gbps/1Gbps Ethernet Two front panel 10GigE SFP+ interfaces
that connect to the base backplane
channel. These interfaces are used for
heartbeat, session sync, and management
communication between FIM-7920Es in
different chassis. These interfaces can also
be configured to operate as Gigabit
Ethernet interfaces using SFP transceivers,
but should not normally be changed. If you
use switches to connect these interfaces,
the switch ports should be able to accept
packets with a maximum frame size of at
least 1526. The M1 and M2 interfaces need
to be on different broadcast domains. If M1
and M2 are connected to the same switch,
Q-in-Q must be enabled on the switch
MGMT1 to
MGMT4
USB USB 3.0
RJ-45 10/100/1000Mbps Ethernet Four 10/100/1000BASE-T copper out of
band management Ethernet interfaces.
Type A
USB 3.0
USB 2.0
Standard USB connector.
Physical description
Dimensions 1.88 x 17.11 x 18.49 in. (48 x 435 x 470 mm) (Height x Width x Length)
Weight 16.6 lb. (7.6 kg)
Operating Temperature 32 to 104°F (0 to 40°C)
Storage Temperature -31 to 158°F (-35 to 70°C)
Relative Humidity 10% to 90% (Non-condensing)
Power consumption Max: 460W; Average: 410W
Max Current 38.3 A
Heat Dissipation 1565BTU/h
Joules/h 1644KJ/h
FIM-7920E Processing Module Guide Fortinet Technologies Inc.
FIM-7920E interface module 8
Front panel LEDs
From the FIM-7920E font panel you can view the status of the module LEDs to verify that the module is functioning
normally.
LED State Description
Off The FIM-7920E is powered off.
STATUS
ALARM Red Major alarm.
HA
POWER Green The FIM-7920E is powered on and operating normally.
C1 to C4
Green The FIM-7920E is powered on and operating normally.
Flashing Green The FIM-7920E is starting up.
Amber Minor alarm
Off No alarms
Off The FIM-7920E is operating in normal mode.
Green The FIM-7920E is operating in HA mode.
Red A failover has occurred
Off The FIM-7920E is powered off.
Green The correct cable is connected to the interface and the connected equipment
has power and is connected at 100Gbps or 40Gbps. If the port is split the LED
will light as long as at least one of the 10Gbps connections is active.
Flashing Green Network activity at the interface.
Off No link is established.
M1 and M2 Green The correct cable is connected to the interface and the connected equipment
has power.
Flashing Green Network activity at the interface.
Off No link is established.
Solid Green Indicates this interface is connected with the correct cable and the attached
MGMT1-4
Link/Act
MGMT1-4
Speed
FIM-7920E Processing Module Guide Fortinet Technologies Inc.
Blinking Green Indicates network traffic on this interface.
Off No Link
Green Connection at 1Gbps.
Amber Connection at 100Mbps.
Off Connection at 10Mbps.
network device has power.
FIM-7920E interface module 9
FIM-7920E C1 to C4 interface combinations
The following table shows the different combinations of interface speeds that you can set up with the FIM-7920E C1 to
C4 front panel interfaces.
100GE QSFP28 4 3 3 2 2 2 1 1 1 1 x x x x x
40GE QSFP+ x 1 x 2 1 x 3 2 1 x 4 3 2 1 x
10Ge SFP+ x x 4 x 4 8 x 4 8 12 x 4 8 12 16
Supported transceivers and breakout cables
Transceivers available from Fortinet for the FIM-7920E C1 to C4 QSFP28 interfaces.
Transceiver Description
FG-TRAN-QSFP28-SR4 100 GE QSFP28 transceivers, 4 channel parallel fiber, short range.
FG-TRAN-QSFP28-LR4 100 GE QSFP28 transceivers, 4 channel parallel fiber, long range.
FG-TRAN-QSFP+SR 40GE QSFP+ transceivers, short range.
FG-TRAN-QSFP+LR 40GE QSFP+ transceivers, long range.
Breakout cables available from Fortinet for the FIM-7920E C1 to C4 QSFP28 interfaces.
Breakout Description
FG-TRAN-QSFP-4XSFP 40GE QSFP+ Parallel Breakout Active Optical Cable with 1m length.
FG-TRAN-QSFP-4SFP-5 40G QSFP+ Parallel Breakout MPO to 4xLC connectors, 5m reach.
Changing the interface type and splitting the FIM-7920E C1 to C4 interfaces
By default, the FIM-7920E C1 to C4 interfaces are configured as 100GE QSFP28 interfaces. You can use the following
command to convert them to 40GE QSFP+ interfaces. Once converted, you can use the other command below to split
them into four 10GBASE-SR interfaces.
Changing the interface type
For example, to change the interface type of the C1 interface of the FIM-7920E in slot 1 to 40GE QSFP+ connect to the
CLI of your FortiGate-7000 system using the management IP and enter the following command:
config system global
set qsfp28-40g-port 1-C1
FIM-7920E Processing Module Guide Fortinet Technologies Inc.
FIM-7920E interface module 10
end
The FortiGate-7000 system reboots and when it starts up interface C1 of the FIM-7920E in slot 1 is operating as a 40GE
QSFP+ interface .
To change the interface type of the C3 and C4 ports of the FIM-7920E in slot 2 to 40GE QSFP+ enter the following
command:
config system global
set qsfp28-40g-port 2-C3 2-C4
end
The FortiGate-7000 system reboots and when it starts up interfaces C3 and C4 of the FIM-7920E in slot 2 are operating
as a 40GE QSFP+ interfaces.
Splitting the C1 to C4 interfaces
Each 40GE interface (C1 to C4) on the FIM-7920Es in slot 1 and slot 2 of a FortiGate-7000 system can be split into 4 x
10GBE interfaces. You split these interfaces after the FIM-7920Es are installed in your FortiGate-7000 system and the
system us up and running. You can split the interfaces of the FIM-7920Es in slot 1 and slot 2 at the same time by
entering a single CLI command. Enabling, disabling, or changing the split interfaces configuration requires a system
reboot. Fortinet recommends that you split multiple interfaces at the same time according to your requirements to avoid
traffic disruption.
For example, to split the C1 interface of the FIM-7920E in slot 1 (this interface is named 1-C1) and the C1 and C4
interfaces of the FIM-7920E in slot 2 (these interfaces are named 2-C1 and 2-C4) connect to the CLI of your FortiGate7000 system using the management IP and enter the following command:
config system global
set split-port 1-C1 2-C1 2-C4
end
After you enter the command, the FortiGate-7000 reboots and when it comes up:
l The 1-C1 interface will no longer be available. Instead the 1-C1/1, 1-C1/2, 1-C1/3, and 1-C1/4 interfaces will be
available.
l The 2-C1 interface will no longer be available. Instead the 2-C1/1, 2-C1/2, 2-C1/3, and 2-C1/4 interfaces will be
available.
l The 2-C4 interface will no longer be available. Instead the 2-C4/1, 2-C4/2, 2-C4/3, and 2-C4/4 interfaces will be
available.
You can now connect breakout cables to these interfaces and configure traffic between them just like any other
FortiGate interface.
Turning the module on and off
You can use the front panel power button to turn the FIM-7920E power on or off. If the FIM-7920E is powered on, press
the power switch to turn it off. If the FIM-7920E is turned off and installed in a chassis slot, press the power button to
turn it on.
FIM-7920E Processing Module Guide Fortinet Technologies Inc.
Loading...