Fortinet MR1 User Manual

FortiSwitch-100

Version 4.0 MR1

User Guide

FortiSwitch-100 Userl Guide

Version 4.0 MR1

Revision 2

November 23, 2009

© Copyright 2009 Fortinet, Inc. All rights reserved. No part of this publication including text, examples, diagrams or illustrations may be reproduced, transmitted, or translated in any form or by any means, electronic, mechanical, manual, optical or otherwise, for any purpose, without prior written permission of Fortinet, Inc.

Trademarks

Dynamic Threat Prevention System (DTPS), APSecure, FortiASIC, FortiBIOS, FortiBridge, FortiClient, FortiGate®, FortiGate Unified Threat Management System, FortiGuard®, FortiGuard-Antispam, FortiGuard-Antivirus, FortiGuard-Intrusion, FortiGuard-Web, FortiLog, FortiAnalyzer, FortiManager, Fortinet®, FortiOS, FortiPartner, FortiProtect, FortiReporter, FortiResponse, FortiShield, FortiVoIP, and FortiWiFi are trademarks of Fortinet, Inc. in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

Regulatory compliance

FCC Class A Part 15 CSA/CUS

CAUTION: Risk of Explosion if Battery is replaced by an Incorrect Type. Dispose of Used Batteries According to the Instructions.

Table of Contents

1 INTRODUCTION...................................................................................................................23

1.1 Switch Description ....................................................................................................................................23

1.2 Features...................................................................................................................................................... 23

1.3 Front-Panel Components.......................................................................................................................... 25

1.4 LED Indicators ...........................................................................................................................................25

1.5 Rear Panel Description .............................................................................................................................25

1.6 Management Options ................................................................................................................................ 26

1.7 Web-based Management Interface .......................................................................................................... 26

1.8 Command Line Console Interface Through the Serial Port or Telnet.................................................. 26

1.9 SNMP-Based Management .......................................................................................................................26

2 INSTALLATION AND QUICK STARTUP.............................................................................28

2.1 Package Contents .....................................................................................................................................28

2.2 Switch Installation ..................................................................................................................................... 28

2.2.1 Installing the Switch Without the Rack............................................................................................... 28

2.2.2 Installing the Switch in a Rack ...........................................................................................................29

2.3 Quick Starting the Switch ......................................................................................................................... 30

2.4 System Information Setup........................................................................................................................ 30

2.4.1 Quick Start up Software Version Information..................................................................................... 30

2.4.2 Quick Start up Physical Port Data......................................................................................................30

2.4.3 Quick Start up User Account Management .......................................................................................31

2.4.4 Quick Start up IP Address.................................................................................................................. 32

2.4.5 Quick Start up Uploading from Switch to Out-of-Band PC (Only XMODEM) ....................................33

2.4.6 Quick Start up Downloading from Out-of-Band PC to Switch (Only XMODEM)................................34

2.4.7 Quick Start up Downloading from TFTP Server ................................................................................34

2.4.8 Quick Start up Factory Defaults ......................................................................................................... 34

2.4.9 Connecting Devices to the Switch .....................................................................................................35

2.4.10 Updating the Image Code on the Switch .........................................................................................35

2.5 Set Up your Switch Using Console Access............................................................................................ 39

2.6 Set Up your Switch Using Telnet Access ...............................................................................................40

3 WEB-BASED MANAGEMENT INTERFACE........................................................................41

3.1 Overview.....................................................................................................................................................41

3.2 How to log in ..............................................................................................................................................41

3.3 Web-Based Management Menu................................................................................................................42

4 COMMAND LINE INTERFACE STRUCTURE AND MODE-BASED CLI............................. 46

4.1 CLI Command Format ............................................................................................................................... 46

4.2 CLI Mode-based Topology........................................................................................................................ 46

5 SWITCHING COMMANDS ...................................................................................................49

5.1 System Information and Statistics commands ...................................................................................... 49

5.1.1 show arp............................................................................................................................................. 49

5.1.2 show calendar .................................................................................................................................... 49

5.1.3 show eventlog ....................................................................................................................................50

5.1.4 show running-config...........................................................................................................................51

5.1.5 show sysinfo....................................................................................................................................... 51

5.1.6 show hardware...................................................................................................................................52

5.1.7 show loginsession .............................................................................................................................. 53

5.2 Device Configuration Commands............................................................................................................ 53

5.2.1 Interface .............................................................................................................................................53

5.2.1.1 show interface status................................................................................................................ 53

5.2.1.2 show interface counters............................................................................................................54

5.2.1.3 show interface switch ...............................................................................................................59

5.2.1.4 interface.................................................................................................................................... 60

5.2.1.5 speed-duplex ............................................................................................................................ 60

5.2.1.6 negotiate...................................................................................................................................61

5.2.1.7 capabilities................................................................................................................................62

5.2.1.8 storm-control flowcontrol ..........................................................................................................63

5.2.1.9 shutdown ..................................................................................................................................64

5.2.2 L2 MAC Address and Multicast Forwarding Database Tables ..........................................................66

5.2.2.1 show mac-addr-table ................................................................................................................ 66

5.2.2.2 show mac-address-table gmrp .................................................................................................67

5.2.2.3 show mac-address-table igmpsnooping................................................................................... 67

5.2.2.4 show mac-address-table multicast ...........................................................................................68

5.2.2.5 show mac-address-table stats.................................................................................................. 69

5.2.2.6 show mac-address-table agetime ............................................................................................69

5.2.2.7 mac-address-table aging-time.................................................................................................. 69

5.2.3 VLAN Management............................................................................................................................ 70

5.2.3.1 show vlan.................................................................................................................................. 70

5.2.3.2 show vlan id.............................................................................................................................. 71

5.2.3.3 show protocol group .................................................................................................................72

5.2.3.4 show interface switchport .........................................................................................................72

5.2.3.5 vlan database ...........................................................................................................................73

5.2.3.6 vlan ...........................................................................................................................................73

5.2.3.7 vlan name .................................................................................................................................74

5.2.3.8 vlan makestatic.........................................................................................................................75

5.2.3.9 protocol group........................................................................................................................... 75

5.2.3.10 switchport acceptable-frame-type ..........................................................................................76

5.2.3.11 switchport ingress-filtering...................................................................................................... 77

5.2.3.12 switchport native vlan .............................................................................................................78

5.2.3.13 switchport allowed vlan...........................................................................................................79

5.2.3.14 switchport tagging...................................................................................................................80

5.2.3.15 switchport priority....................................................................................................................81

5.2.3.16 switchport protocol group .......................................................................................................82

5.2.3.17 switchport forbidden vlan........................................................................................................ 84

5.2.4 GVRP and Bridge Extension..............................................................................................................85

5.2.4.1 show bridge-ext ........................................................................................................................85

5.2.4.2 show gvrp configuration............................................................................................................86

5.2.4.3 show gmrp configuration ..........................................................................................................87

5.2.4.4 show garp configuration ...........................................................................................................87

5.2.4.5 bridge-ext gvrp.......................................................................................................................... 88

5.2.4.6 bridge-ext gmrp ........................................................................................................................89

5.2.4.7 switchport gvrp .........................................................................................................................89

5.2.4.8 switchport gmrp ........................................................................................................................90

5.2.4.9 garp timer .................................................................................................................................91

5.2.5 IGMP Snooping.................................................................................................................................. 95

5.2.5.1 Show Commands .....................................................................................................................95

5.2.5.2 Configuration Commands......................................................................................................... 98

5.2.6 Port Channel ....................................................................................................................................107

5.2.6.1 show port-channel ..................................................................................................................107

5.2.6.2 port-channel............................................................................................................................108

5.2.6.3 port-channel adminmode all ................................................................................................... 109

5.2.6.4 staticcapability ........................................................................................................................109

5.2.6.5 port-channel linktrap ............................................................................................................... 110

5.2.6.6 port-channel name..................................................................................................................110

5.2.6.7 adminmode.............................................................................................................................111

5.2.6.8 lacp .........................................................................................................................................111

5.2.6.9 channel-group......................................................................................................................... 112

5.2.6.10 delete-channel-group............................................................................................................113

5.2.7 Storm Control ................................................................................................................................... 114

5.2.7.1 show storm-control .................................................................................................................114

5.2.7.2 storm-control broadcast.......................................................................................................... 116

5.2.7.3 storm-control multicast ...........................................................................................................117

5.2.7.4 storm-control unicast ..............................................................................................................118

5.2.7.5 switchport broadcast packet-rate ...........................................................................................119

5.2.7.6 switchport multicast packet-rate .............................................................................................120

5.2.7.7 switchport unicast packet-rate................................................................................................121

5.2.8 L2 Priority ......................................................................................................................................... 122

5.2.8.1 show queue cos-map .............................................................................................................122

5.2.8.2 queue cos-map.......................................................................................................................123

5.2.9 Port Mirror ........................................................................................................................................123

5.2.9.1 show port-monitor session .....................................................................................................123

5.2.9.2 port-monitor session ............................................................................................................... 124

5.2.9.3 port-monitor session mode.....................................................................................................125

5.3 Management Commands ........................................................................................................................ 125

5.3.1 Network Commands ........................................................................................................................125

5.3.1.1 show ip interface.....................................................................................................................125

5.3.1.2 show ip filter............................................................................................................................ 126

5.3.1.3 show ip ipv6............................................................................................................................ 127

5.3.1.4 mtu..........................................................................................................................................127

5.3.1.5 interface vlan ..........................................................................................................................128

5.3.1.6 ip address ...............................................................................................................................128

5.3.1.7 ip default-gateway ..................................................................................................................129

5.3.1.8 ip address protocol .................................................................................................................129

5.3.1.9 ip filter .....................................................................................................................................130

5.3.1.10 ip ipv6 ...................................................................................................................................131

5.3.2 Serial Interface Commands .............................................................................................................132

5.3.2.1 show line console ...................................................................................................................132

5.3.2.2 line console.............................................................................................................................132

5.3.2.3 baudrate .................................................................................................................................133

5.3.2.4 exec-timeout ........................................................................................................................... 133

5.3.2.5 password-threshold ................................................................................................................134

5.3.2.6 silent-time ...............................................................................................................................134

5.3.3 Telnet Session Commands..............................................................................................................135

5.3.3.1 telnet.......................................................................................................................................135

5.3.3.2 show line vty ...........................................................................................................................135

5.3.3.3 line vty.....................................................................................................................................136

5.3.3.4 exec-timeout ........................................................................................................................... 137

5.3.3.5 password-threshold ................................................................................................................137

5.3.3.6 maxsessions...........................................................................................................................138

5.3.3.7 sessions.................................................................................................................................. 138

5.3.3.8 telnet sessions........................................................................................................................139

5.3.3.9 telnet maxsessions ................................................................................................................. 139

5.3.3.10 telnet exec-timeout ...............................................................................................................140

5.3.3.11 show telnet ...........................................................................................................................141

5.3.4 SNMP Server Commands................................................................................................................ 141

5.3.4.1 show snmp .............................................................................................................................141

5.3.4.2 show trapflags ........................................................................................................................142

5.3.4.3 snmp-server sysname ............................................................................................................143

5.3.4.4 snmp-server location ..............................................................................................................143

5.3.4.5 snmp-server contact ...............................................................................................................144

5.3.4.6 snmp-server community .........................................................................................................144

5.3.4.7 snmp-server host....................................................................................................................147

5.3.4.8 snmp-server enable traps....................................................................................................... 147

5.3.5 SNMP Trap Commands...................................................................................................................151

5.3.5.1 show snmptrap .......................................................................................................................151

5.3.5.2 snmp trap link-status ..............................................................................................................151

5.3.5.3 snmptrap <name> <ipaddr> ...................................................................................................153

5.3.5.4 snmptrap ipaddr...................................................................................................................... 153

5.3.5.5 snmptrap mode.......................................................................................................................154

5.3.6 HTTP commands .............................................................................................................................154

5.3.6.1 show ip http ............................................................................................................................154

5.3.6.2 ip javamode ............................................................................................................................155

5.3.6.3 ip http port............................................................................................................................... 155

5.3.6.4 ip http server........................................................................................................................... 156

5.3.6.5 ip http secure-port...................................................................................................................157

5.3.6.6 ip http secure-server...............................................................................................................157

5.3.6.7 ip http secure-protocol ............................................................................................................ 158

5.3.7 Secure Shell (SSH) Commands ......................................................................................................158

5.3.7.1 show ip ssh............................................................................................................................. 158

5.3.7.2 ip ssh ......................................................................................................................................159

5.3.7.3 ip ssh protocol ........................................................................................................................159

5.3.7.4 ip ssh maxsessions ................................................................................................................160

5.3.7.5 ip ssh timeout .........................................................................................................................160

5.3.8 DHCP Client Commands .................................................................................................................161

5.3.8.1 ip dhcp restart.........................................................................................................................161

5.3.8.2 ip dhcp client-identifier............................................................................................................ 161

5.3.9 DHCP Relay Commands .................................................................................................................162

5.3.9.1 Show bootpdhcprelay.............................................................................................................162

5.3.9.2 Bootpdhcprelay maxhopcount................................................................................................163

5.3.9.3 Bootpdhcprelay serverip.........................................................................................................163

5.4 Spanning Tree Commands..................................................................................................................... 164

5.4.1 Show Commands............................................................................................................................. 164

5.4.1.1 show spanning-tree ................................................................................................................164

5.4.1.2 show spanning-tree interface .................................................................................................165

5.4.1.3 show spanning-tree vlan.........................................................................................................166

5.4.1.4 show spanning-tree mst .........................................................................................................166

5.4.1.5 show spanning-tree summary ................................................................................................170

5.4.1.6 show spanning-tree brief ........................................................................................................170

5.4.2 Configuration Commands ................................................................................................................171

5.4.2.1 spanning-tree.......................................................................................................................... 171

5.4.2.2 spanning-tree protocol-migration............................................................................................ 171

5.4.2.3 spanning-tree configuration....................................................................................................172

5.4.2.4 spanning-tree mode................................................................................................................173

5.4.2.5 spanning-tree forward-time ....................................................................................................174

5.4.2.6 spanning-tree hello-time ......................................................................................................... 174

5.4.2.7 spanning-tree max-age...........................................................................................................175

5.4.2.8 spanning-tree max-hops......................................................................................................... 175

5.4.2.9 spanning-tree mst...................................................................................................................176

5.4.2.10 spanning-tree port mode ......................................................................................................180

5.4.2.11 spanning-tree edgeport ........................................................................................................181

5.5 System Log Management Commands ..................................................................................................181

5.5.1 Show Commands............................................................................................................................. 181

5.5.1.1 show logging........................................................................................................................... 181

5.5.2 show logging buffered......................................................................................................................182

5.5.3 show logging traplog ........................................................................................................................182

5.5.3.1 show logging hosts................................................................................................................. 183

5.5.4 Configuration Commands ................................................................................................................184

5.5.4.1 logging buffered......................................................................................................................184

5.5.4.2 logging console.......................................................................................................................185

5.5.4.3 logging host ............................................................................................................................185

5.5.4.4 logging syslog.........................................................................................................................187

5.5.4.5 clear logging buffered............................................................................................................. 188

5.6 Script Management Commands............................................................................................................. 188

5.6.1 script apply ....................................................................................................................................... 188

5.6.2 script delete......................................................................................................................................189

5.6.3 script list ...........................................................................................................................................189

5.6.4 script show .......................................................................................................................................190

5.7 User Account Management Commands ...............................................................................................190

5.7.1 Show Commands............................................................................................................................. 190

5.7.1.1 show users .............................................................................................................................190

5.7.2 Configuration Commands ................................................................................................................191

5.7.2.1 username................................................................................................................................ 191

5.7.2.2 username snmpv3 authentication ..........................................................................................192

5.7.2.3 username snmpv3 encryption ................................................................................................193

5.8 Security Commands................................................................................................................................193

5.8.1 Show Commands............................................................................................................................. 193

5.8.1.1 show users authentication......................................................................................................193

5.8.1.2 show authentication................................................................................................................ 194

5.8.1.3 show authentication users......................................................................................................195

5.8.1.4 show dot1x .............................................................................................................................195

5.8.1.5 show dot1x detail....................................................................................................................196

5.8.1.6 show dot1x statistics...............................................................................................................197

5.8.1.7 show dot1x summary..............................................................................................................198

5.8.1.8 show dot1x users....................................................................................................................198

5.8.1.9 show radius-servers ...............................................................................................................199

5.8.1.10 show radius ..........................................................................................................................199

5.8.1.11 show radius accounting........................................................................................................ 200

5.8.1.12 show radius statistics............................................................................................................201

5.8.1.13 show tacacs..........................................................................................................................202

5.8.1.14 show port-security ................................................................................................................203

5.8.2 Configuration Commands ................................................................................................................205

5.8.2.1 authentication login.................................................................................................................205

5.8.2.2 username defaultlogin ............................................................................................................206

5.8.2.3 username login .......................................................................................................................207

5.8.3 Dot1x Configuration Commands......................................................................................................208

5.8.3.1 dot1x initialize ......................................................................................................................... 208

5.8.3.2 dot1x default-login ..................................................................................................................208

5.8.3.3 dot1x login ..............................................................................................................................209

5.8.3.4 dot1x system-auth-control ......................................................................................................209

5.8.3.5 dot1x user...............................................................................................................................210

5.8.3.6 dot1x port-control....................................................................................................................210

5.8.3.7 dot1x max-req......................................................................................................................... 212

5.8.3.8 dot1x re-authentication........................................................................................................... 212

5.8.3.9 dot1x re-reauthenticate...........................................................................................................213

5.8.3.10 dot1x timeout ........................................................................................................................ 213

5.8.4 Radius Configuration Commands .................................................................................................... 214

5.8.4.1 radius accounting mode .........................................................................................................214

5.8.4.2 radius-server host...................................................................................................................215

5.8.4.3 radius-sever key .....................................................................................................................216

5.8.4.4 radius-server retransmit..........................................................................................................216

5.8.4.5 radius-server timeout..............................................................................................................217

5.8.4.6 radius-server msgauth............................................................................................................217

5.8.4.7 radius-server primary..............................................................................................................218

5.8.5 TACACS Configuration Commands.................................................................................................219

5.8.5.1 tacacs .....................................................................................................................................219

5.8.5.2 tacacs mode ...........................................................................................................................219

5.8.5.3 tacacs server-ip ......................................................................................................................220

5.8.5.4 tacacs port ..............................................................................................................................220

5.8.5.5 tacacs key............................................................................................................................... 221

5.8.5.6 tacacs retry .............................................................................................................................221

5.8.5.7 tacacs timeout ........................................................................................................................222

5.8.6 Port Security Configuration Commands ..........................................................................................222

5.8.6.1 port-security............................................................................................................................222

5.8.6.2 port-security max-dynamic .....................................................................................................223

5.8.6.3 port-security max-static ..........................................................................................................223

5.8.6.4 port-security mac-address...................................................................................................... 224

5.8.6.5 port-security mac-address move ............................................................................................225

5.9 CDP (Cisco Discovery Protocol) Commands ....................................................................................... 225

5.9.1 Show Commands............................................................................................................................. 225

5.9.1.1 show cdp ................................................................................................................................225

5.9.1.2 show cdp neighbors................................................................................................................226

5.9.1.3 show cdp traffic.......................................................................................................................227

5.9.2 Configuration Commands ................................................................................................................227

5.9.2.1 cdp .......................................................................................................................................... 227

5.9.2.2 cdp run.................................................................................................................................... 228

5.9.2.3 cdp timer................................................................................................................................. 229

5.9.2.4 cdp holdtime ...........................................................................................................................229

5.10 SNTP (Simple Network Time Protocol) Commands........................................................................... 230

5.10.1 Show Commands........................................................................................................................... 230

5.10.1.1 show sntp .............................................................................................................................230

5.10.2 Configuration Commands ..............................................................................................................232

5.10.2.1 sntp broadcast client poll-interval .........................................................................................232

5.10.2.2 sntp client mode ...................................................................................................................232

5.10.2.3 sntp client port ......................................................................................................................233

5.10.2.4 sntp unicast client poll-interval .............................................................................................233

5.10.2.5 sntp unicast client poll-timeout .............................................................................................234

5.10.2.6 sntp unicast client poll-retry..................................................................................................234

5.10.2.7 sntp server............................................................................................................................235

5.10.2.8 sntp clock timezone ..............................................................................................................236

5.11 System Utilities...................................................................................................................................... 236

5.11.1 clear ...............................................................................................................................................236

5.11.1.1 clear arp................................................................................................................................ 236

5.11.1.2 clear traplog..........................................................................................................................237

5.11.1.3 clear eventlog .......................................................................................................................237

5.11.1.4 clear logging buffered........................................................................................................... 238

5.11.1.5 clear config ...........................................................................................................................238

5.11.1.6 clear pass .............................................................................................................................239

5.11.1.7 clear counters ....................................................................................................................... 239

5.11.1.8 clear dns counter .................................................................................................................. 239

5.11.1.9 clear dns cache ....................................................................................................................240

5.11.1.10 clear cdp .............................................................................................................................240

5.11.1.11 clear vlan ............................................................................................................................241

5.11.1.12 enable passwd....................................................................................................................241

5.11.1.13 clear igmp snooping ...........................................................................................................242

5.11.1.14 clear port-channel...............................................................................................................242

5.11.1.15 clear ip filter ........................................................................................................................242

5.11.1.16 clear dot1x statistics ...........................................................................................................243

5.11.1.17 clear radius statistics ..........................................................................................................243

5.11.1.18 clear tacacs ........................................................................................................................244

5.11.2 copy................................................................................................................................................244

5.11.3 delete .............................................................................................................................................247

5.11.4 dir ...................................................................................................................................................247

5.11.5 whichboot ....................................................................................................................................... 248

5.11.6 boot-system....................................................................................................................................249

5.11.7 ping ................................................................................................................................................249

5.11.8 traceroute ....................................................................................................................................... 250

5.11.9 logging cli-command ......................................................................................................................251

5.11.10 calendar set..................................................................................................................................251

5.11.11 reload ...........................................................................................................................................252

5.11.12 configure ......................................................................................................................................252

5.11.13 disconnect .................................................................................................................................... 253

5.11.14 hostname .....................................................................................................................................253

5.11.15 quit ...............................................................................................................................................254

5.12 Differentiated Service Command......................................................................................................... 254

5.12.1 General Commands.......................................................................................................................255

5.12.1.1 diffserv ..................................................................................................................................255

5.12.1.2 no diffserv .............................................................................................................................256

5.12.2 Class Commands........................................................................................................................... 256

5.12.2.1 class-map .............................................................................................................................257

5.12.2.2 no class-map ........................................................................................................................257

5.12.2.3 class-map rename ................................................................................................................ 258

5.12.2.4 match any .............................................................................................................................258

5.12.2.5 match class-map ..................................................................................................................259

5.12.2.6 no match class-map .............................................................................................................259

5.12.2.7 match dstip ...........................................................................................................................260

5.12.2.8 match dstl4port ..................................................................................................................... 260

5.12.2.9 match ip dscp .......................................................................................................................261

5.12.2.10 match ip precedence ..........................................................................................................262

5.12.2.11 match ip tos ........................................................................................................................262

5.12.2.12 match protocol .................................................................................................................... 263

5.12.2.13 match srcip .........................................................................................................................263

5.12.2.14 match srcl4port ................................................................................................................... 264

5.12.3 Policy Commands ..........................................................................................................................265

5.12.3.1 assign-queue ........................................................................................................................ 265

5.12.3.2 drop.......................................................................................................................................266

5.12.3.3 redirect.................................................................................................................................. 266

5.12.3.4 conform-color........................................................................................................................267

5.12.3.5 mark cos ...............................................................................................................................267

5.12.3.6 class......................................................................................................................................268

5.12.3.7 no class ................................................................................................................................268

5.12.3.8 mark ip-dscp ......................................................................................................................... 268

5.12.3.9 mark ip-precedence.............................................................................................................. 269

5.12.3.10 police-simple....................................................................................................................... 269

5.12.3.11 policy-map ..........................................................................................................................270

5.12.3.12 policy-map rename ............................................................................................................. 270

5.12.4 Service Commands........................................................................................................................ 271

5.12.4.1 service-policy........................................................................................................................271

5.12.4.2 no service-policy...................................................................................................................272

5.12.5 Show Commands........................................................................................................................... 272

5.12.5.1 show class-map....................................................................................................................273

5.12.5.2 show diffserv......................................................................................................................... 274

5.12.5.3 show policy-map...................................................................................................................275

5.12.5.4 show diffserv service ............................................................................................................276

5.12.5.5 show diffserv service brief ....................................................................................................277

5.12.5.6 show policy-map interface.................................................................................................... 278

5.12.5.7 show service-policy ..............................................................................................................279

5.13 ACL Command....................................................................................................................................... 281

5.13.1 Show Commands........................................................................................................................... 281

5.13.1.1 show mac access-lists..........................................................................................................281

5.13.1.2 show mac access-lists..........................................................................................................282

5.13.1.3 show ip access-lists..............................................................................................................282

5.13.1.4 show access-lists interface................................................................................................... 283

5.13.2 Configuration Commands ..............................................................................................................284

5.13.2.1 mac access-list extended ..................................................................................................... 284

5.13.2.2 mac access-list extended ..................................................................................................... 284

5.13.2.3 mac access-list ..................................................................................................................... 285

5.13.2.4 mac access-group in ............................................................................................................286

5.13.2.5 access-list.............................................................................................................................287

5.13.2.6 no access-list........................................................................................................................287

5.13.2.7 ip access-group ....................................................................................................................288

5.14 CoS (Class of Service) Command .......................................................................................................288

5.14.1 Show Commands........................................................................................................................... 288

5.14.1.1 show queue cos-map ...........................................................................................................288

5.14.1.2 show queue ip-precedence-mapping ...................................................................................289

5.14.1.3 show queue trust ..................................................................................................................290

5.14.1.4 show queue cos-queue ........................................................................................................291

5.14.2 Configuration Commands ..............................................................................................................292

5.14.2.1 queue cos-map.....................................................................................................................292

5.14.2.2 queue ip-precedence-mapping............................................................................................. 293

5.14.2.3 queue trust............................................................................................................................ 294

5.14.2.4 queue cos-queue min-bandwidth .........................................................................................295

5.14.2.5 queue cos-queue strict .........................................................................................................296

5.14.2.6 queue cos-queue traffic-shape.............................................................................................297

6 ROUTING COMMANDS .....................................................................................................299

6.1 Address Resolution Protocol (ARP) Commands .................................................................................302

6.1.1 Show Commands............................................................................................................................. 302

6.1.1.1 show ip arp .............................................................................................................................302

6.1.1.2 show ip arp brief .....................................................................................................................302

6.1.1.3 show ip arp static....................................................................................................................303

6.1.2 Configuration Commands ................................................................................................................304

6.1.2.1 arp...........................................................................................................................................304

6.1.2.2 ip proxy-arp............................................................................................................................. 304

6.1.2.3 arp cachesize .........................................................................................................................305

6.1.2.4 arp dynamicrenew ..................................................................................................................305

6.1.2.5 arp purge ................................................................................................................................305

6.1.2.6 arp resptime............................................................................................................................ 306

6.1.2.7 arp retries ...............................................................................................................................306

6.1.2.8 arp timeout..............................................................................................................................307

6.1.2.9 clear arp-cache.......................................................................................................................307

6.2 IP Routing Commands ............................................................................................................................ 307

6.2.1 Show Commands............................................................................................................................. 307

6.2.1.1 show ip brief ...........................................................................................................................307

6.2.1.2 show ip interface port .............................................................................................................308

6.2.1.3 show ip interface brief.............................................................................................................309

6.2.1.4 show ip route ..........................................................................................................................309

6.2.1.5 show ip route bestroutes ........................................................................................................310

6.2.1.6 show ip route entry .................................................................................................................310

6.2.1.7 show ip route precedence ......................................................................................................311

6.2.1.8 show ip traffic.......................................................................................................................... 312

6.2.2 Configuration Commands ................................................................................................................312

6.2.2.1 routing..................................................................................................................................... 312

6.2.2.2 ip routing.................................................................................................................................313

6.2.2.3 ip address ...............................................................................................................................313

6.2.2.4 ip route.................................................................................................................................... 313

6.2.2.5 ip route default-next-hop ........................................................................................................314

6.2.2.6 ip route precedence................................................................................................................ 314

6.2.2.7 ip forwarding ........................................................................................................................... 315

6.2.2.8 ip directed-broadcast .............................................................................................................. 315

6.2.2.9 ip mtu...................................................................................................................................... 316

6.2.2.10 encapsulation .......................................................................................................................316

6.3 Open Shortest Path First (OSPF) Commands ......................................................................................317

6.3.1 Show Commands............................................................................................................................. 317

6.3.1.1 show ip ospf............................................................................................................................ 317

6.3.1.2 show ip ospf area ...................................................................................................................318

6.3.1.3 show ip ospf database............................................................................................................318

6.3.1.4 show ip ospf interface.............................................................................................................319

6.3.1.5 show ip ospf interface brief..................................................................................................... 320

6.3.1.6 show ip ospf interface stats ....................................................................................................321

6.3.1.7 show ip ospf neighbor.............................................................................................................321

6.3.1.8 show ip ospf neighbor brief ....................................................................................................322

6.3.1.9 show ip ospf range .................................................................................................................323

6.3.1.10 show ip ospf stub table ......................................................................................................... 324

6.3.1.11 show ip ospf virtual-link ........................................................................................................324

6.3.1.12 show ip ospf virtual-link brief ................................................................................................325

6.3.2 Configuration Commands ................................................................................................................326

6.3.2.1 enable.....................................................................................................................................326

6.3.2.2 no area ...................................................................................................................................326

6.3.2.3 ip ospf .....................................................................................................................................327

6.3.2.4 1583compatibility....................................................................................................................327

6.3.2.5 area default-cost.....................................................................................................................328

6.3.2.6 area nssa................................................................................................................................328

6.3.2.7 area nssa default-info-originate..............................................................................................329

6.3.2.8 area nssa no-redistribute........................................................................................................ 329

6.3.2.9 area nssa no-summary........................................................................................................... 330

6.3.2.10 area nssa translator-role ......................................................................................................330

6.3.2.11 area nssa translator-stab-intv............................................................................................... 331

6.3.2.12 area range ............................................................................................................................331

6.3.2.13 area stub............................................................................................................................... 332

6.3.2.14 area stub summarylsa ..........................................................................................................332

6.3.2.15 area virtual-link authentication..............................................................................................333

6.3.2.16 area virtual-link dead-interval ...............................................................................................333

6.3.2.17 area virtual-link hello-interval................................................................................................ 334

6.3.2.18 area virtual-link retransmit-interval .......................................................................................335

6.3.2.19 area virtual-link transmit-delay .............................................................................................335

6.3.2.20 default-information originate.................................................................................................336

6.3.2.21 default-metric........................................................................................................................336

6.3.2.22 distance ospf ........................................................................................................................337

6.3.2.23 distribute-list out ...................................................................................................................337

6.3.2.24 exit-overflow-interval.............................................................................................................338

6.3.2.25 external-lsdb-limit .................................................................................................................339

6.3.2.26 ip ospf areaid ........................................................................................................................ 339

6.3.2.27 ip ospf authentication............................................................................................................340

6.3.2.28 ip ospf cost ...........................................................................................................................340

6.3.2.29 ip ospf dead-interval .............................................................................................................341

6.3.2.30 ip ospf hello -interval.............................................................................................................342

6.3.2.31 ip ospf priority .......................................................................................................................342

6.3.2.32 ip ospf retransmit-interval .....................................................................................................343

6.3.2.33 ip ospf transmit-delay ...........................................................................................................343

6.3.2.34 ip ospf mtu-ignore................................................................................................................. 344

6.3.2.35 router-id ................................................................................................................................345

6.3.2.36 redistribute............................................................................................................................345

6.3.2.37 maximum-paths .................................................................................................................... 346

6.4 Bootp/DHCP Relay Commands.............................................................................................................. 346

6.4.1 show bootpdhcprelay .......................................................................................................................346

6.4.2 bootpdhcprelay cidoptmode.............................................................................................................347

6.4.3 bootpdhcprelay enable.....................................................................................................................347

6.4.4 bootpdhcprelay maxhopcount..........................................................................................................348

6.4.5 bootpdhcprelay minwaittime ............................................................................................................348

6.4.6 bootpdhcprelay serverip................................................................................................................... 349

6.4.7 ip dhcp restart ..................................................................................................................................349

6.4.8 ip dhcp client-identifier .....................................................................................................................349

6.5 Domain Name Server Relay Commands ............................................................................................... 350

6.5.1 Show Commands............................................................................................................................. 350

6.5.1.1 show hosts.............................................................................................................................. 350

6.5.1.2 show dns ................................................................................................................................350

6.5.1.3 show dns cache......................................................................................................................351

6.5.2 Configuration Commands ................................................................................................................352

6.5.2.1 ip hosts ...................................................................................................................................352

6.5.2.2 clear hosts ..............................................................................................................................352

6.5.2.3 ip domain-name......................................................................................................................353

6.5.2.4 ip domain-list ..........................................................................................................................353

6.5.2.5 ip name-server........................................................................................................................354

6.5.2.6 ip domain-lookup ....................................................................................................................354

6.5.2.7 clear domain-list .....................................................................................................................355

6.5.2.8 clear dns .................................................................................................................................355

6.5.2.9 clear dns cache ......................................................................................................................356

6.5.2.10 clear dns counter .................................................................................................................. 356

6.6 Routing Information Protocol (RIP) Commands .................................................................................. 357

6.6.1 Show Commands............................................................................................................................. 357

6.6.1.1 show ip rip ..............................................................................................................................357

6.6.1.2 show ip rip interface................................................................................................................358

6.6.1.3 show ip rip interface brief........................................................................................................358

6.6.2 Configuration Commands ................................................................................................................359

6.6.2.1 enable rip................................................................................................................................359

6.6.2.2 ip rip........................................................................................................................................360

6.6.2.3 auto-summary.........................................................................................................................360

6.6.2.4 default-information originate...................................................................................................361

6.6.2.5 default-metric..........................................................................................................................361

6.6.2.6 distance rip .............................................................................................................................362

6.6.2.7 hostrouteaccept ...................................................................................................................... 362

6.6.2.8 split-horizon ............................................................................................................................363

6.6.2.9 distribute-list ...........................................................................................................................363

6.6.2.10 redistribute............................................................................................................................364

6.6.2.11 ip rip authentication ..............................................................................................................364

6.6.2.12 ip rip receive version.............................................................................................................365

6.6.2.13 ip rip send version ................................................................................................................366

6.7 Router Discovery Protocol Commands ................................................................................................366

6.7.1 show ip irdp ...................................................................................................................................... 366

6.7.2 ip irdp ...............................................................................................................................................367

6.7.3 ip irdp broadcast...............................................................................................................................368

6.7.4 ip irdp holdtime.................................................................................................................................368

6.7.5 ip irdp maxadvertinterval..................................................................................................................369

6.7.6 ip irdp minadvertinterval...................................................................................................................369

6.7.7 ip irdp preference .............................................................................................................................370

6.8 VLAN Routing Commands......................................................................................................................370

6.8.1 show ip vlan .....................................................................................................................................370

6.8.2 vlan routing.......................................................................................................................................371

6.9 Virtual Router Redundancy Protocol (VRRP) Commands ..................................................................371

6.9.1 Show Commands............................................................................................................................. 371

6.9.1.1 show ip vrrp ............................................................................................................................371

6.9.1.2 show ip vrrp brief ....................................................................................................................372

6.9.1.3 show ip vrrp interface .............................................................................................................372

6.9.1.4 show ip vrrp interface stats..................................................................................................... 373

6.9.2 Configuration Commands ................................................................................................................374

6.9.2.1 ip vrrp...................................................................................................................................... 374

6.9.2.2 ip vrrp ip.................................................................................................................................. 375

6.9.2.3 ip vrrp mode............................................................................................................................ 375

6.9.2.4 ip vrrp authentication ..............................................................................................................376

6.9.2.5 ip vrrp preempt .......................................................................................................................376

6.9.2.6 ip vrrp priority..........................................................................................................................377

6.9.2.7 ip vrrp timers advertise ...........................................................................................................377

7 IP MULTICAST COMMANDS.............................................................................................380

7.1 Distance Vector Multicast Routing Protocol (DVMRP) Commands ................................................... 380

7.1.1 Show Commands............................................................................................................................. 380

7.1.1.1 show ip dvmrp ........................................................................................................................380

7.1.1.2 show ip dvmrp interface..........................................................................................................381

7.1.1.3 show ip dvmrp neighbor .........................................................................................................381

7.1.1.4 show ip dvmrp nexthop...........................................................................................................382

7.1.1.5 show ip dvmrp prune ..............................................................................................................382

7.1.1.6 show ip dvmrp route ...............................................................................................................383

7.1.2 Configuration Commands ................................................................................................................384

7.1.2.1 ip dvmrp..................................................................................................................................384

7.1.2.2 ip dvmrp metric .......................................................................................................................384

7.2 Internet Group Management Protocol (IGMP) Commands .................................................................385

7.2.1 Show Commands............................................................................................................................. 385

7.2.1.1 show ip igmp........................................................................................................................... 385

7.2.1.2 show ip igmp groups...............................................................................................................385

7.2.1.3 show ip igmp interface............................................................................................................ 386

7.2.1.4 show ip igmp interface membership.......................................................................................387

7.2.1.5 show ip igmp interface stats ...................................................................................................388

7.2.2 Configuration Commands ................................................................................................................389

7.2.2.1 ip igmp ....................................................................................................................................389

7.2.2.2 ip igmp version .......................................................................................................................389

7.2.2.3 ip igmp last-member-query-count...........................................................................................390

7.2.2.4 ip igmp last-member-query-interval........................................................................................390

7.2.2.5 ip igmp query-interval .............................................................................................................391

7.2.2.6 ip igmp query-max-response-time..........................................................................................391

7.2.2.7 ip igmp robustness .................................................................................................................392

7.2.2.8 ip igmp startup-query-count.................................................................................................... 392

7.2.2.9 ip igmp startup-query-interval.................................................................................................393

7.3 Multicast Commands ..............................................................................................................................393

7.3.1 Show Commands............................................................................................................................. 393

7.3.1.1 show ip mcast.........................................................................................................................393

7.3.1.2 show ip mcast boundary......................................................................................................... 394

7.3.1.3 show ip mcast interface .......................................................................................................... 395

7.3.1.4 show ip mcast mroute.............................................................................................................395

7.3.1.5 show mrinfo ............................................................................................................................398

7.3.1.6 show mstat .............................................................................................................................399

7.3.1.7 show mtrace ...........................................................................................................................399

7.3.2 Configuration Commands ................................................................................................................400

7.3.2.1 ip multicast.............................................................................................................................. 400

7.3.2.2 ip multicast staticroute ............................................................................................................401

7.3.2.3 no ip mcast mroute ................................................................................................................. 401

7.3.2.4 ip mcast boundary ..................................................................................................................402

7.3.2.5 ip multicast ttl-threshold.......................................................................................................... 403

7.3.2.6 mrinfo...................................................................................................................................... 403

7.3.2.7 mstat ....................................................................................................................................... 404

7.3.2.8 mtrace..................................................................................................................................... 405

7.3.2.9 disable ip multicast mdebug mtrace.......................................................................................405

7.4 Protocol Independent Multicast – Dense Mode (PIM-DM) Commands .............................................. 406

7.4.1 Show Commands............................................................................................................................. 406

7.4.1.1 show ip pimdm........................................................................................................................406

7.4.1.2 show ip pimdm interface......................................................................................................... 407

7.4.1.3 show ip pimdm interface stats ................................................................................................407

7.4.1.4 show ip pimdm neighbor.........................................................................................................408

7.4.2 Configuration Commands ................................................................................................................408

7.4.2.1 ip pimdm .................................................................................................................................408

7.4.2.2 ip pimdm mode ....................................................................................................................... 409

7.4.2.3 ip pimdm query-interval ..........................................................................................................409

7.5 Protocol Independent Multicast – Sparse Mode (PIM-SM) Commands ............................................. 410

7.5.1 Show Commands............................................................................................................................. 410

7.5.1.1 show ip pimsm........................................................................................................................410

7.5.1.2 show ip pimsm componenttable............................................................................................. 411

7.5.1.3 show ip pimsm interface ......................................................................................................... 411

7.5.1.4 show ip pimsm interface stats ................................................................................................412

7.5.1.5 show ip pimsm neighbor......................................................................................................... 413

7.5.1.6 show ip pimsm rp.................................................................................................................... 413

7.5.1.7 show ip pimsm rphash............................................................................................................ 414

7.5.1.8 show ip pimsm staticrp ...........................................................................................................415

7.5.2 Configuration Commands ................................................................................................................415

7.5.2.1 ip pimsm .................................................................................................................................415

7.5.2.2 ip pimsm message-interval..................................................................................................... 416

7.5.2.3 ip pimsm register-rate-limit .....................................................................................................416

7.5.2.4 ip pimsm spt-threshold ...........................................................................................................417

7.5.2.5 ip pimsm staticrp.....................................................................................................................417

7.5.2.6 ip pimsm mode .......................................................................................................................418

7.5.2.7 ip pimsm query-interval ..........................................................................................................419

7.5.2.8 ip pimsm cbsrpreference ........................................................................................................419

7.5.2.9 ip pimsm cbsrhashmasklength ...............................................................................................420

7.5.2.10 ip pimsm crppreference ........................................................................................................ 420

8 WEB-BASED MANAGEMENT INTERFACE...................................................................... 423

8.1 Overview...................................................................................................................................................423

8.2 Main Menu ................................................................................................................................................424

8.2.1 System Menu ...................................................................................................................................424

8.2.1.1 View ARP Cache .................................................................................................................... 424

8.2.1.2 Viewing Inventory Information ................................................................................................425

8.2.1.3 Configuring Management Session and Network Parameters ................................................426

8.2.1.4 Defining Forwarding Database...............................................................................................437

8.2.1.5 Viewing Logs ..........................................................................................................................439

8.2.1.6 Managing Switch Interface .....................................................................................................444

8.2.1.7 Defining SNMP ....................................................................................................................... 449

8.2.1.8 Viewing Statistics....................................................................................................................453

8.2.1.9 Managing System Utilities ......................................................................................................464

8.2.1.10 Defining Trap Manager......................................................................................................... 472

8.2.1.11 Configuring SNTP.................................................................................................................474

8.2.1.12 Defining DHCP Client........................................................................................................... 480

8.2.2 Switching Menu................................................................................................................................ 481

8.2.2.1 Managing Port-based VLAN................................................................................................... 481

8.2.2.2 Managing Protocol-based VLAN ............................................................................................486

8.2.2.3 Defining GARP .......................................................................................................................488

8.2.2.4 Managing IGMP Snooping .....................................................................................................491

8.2.2.5 Managing Port-Channel .........................................................................................................500

8.2.2.6 Viewing Multicast Forwarding Database ................................................................................502

8.2.2.7 Managing Spanning Tree .......................................................................................................505

8.2.2.8 Defining 802.1p priority...........................................................................................................512

8.2.2.9 Managing Port Security ..........................................................................................................513

8.2.3 Routing Menu................................................................................................................................... 516

8.2.3.1 Managing ARP Table .............................................................................................................516

8.2.3.2 Managing IP Interfaces...........................................................................................................519

8.2.3.3 Managing OSPF ..................................................................................................................... 525

8.2.3.4 Managing BOOTP/DHCP Relay Agent ..................................................................................546

8.2.3.5 Managing DNS Relay............................................................................................................. 548

8.2.3.6 Managing Routing Information Protocol (RIP) .......................................................................552

8.2.3.7 Managing Router Discovery ...................................................................................................558

8.2.3.8 Managing Route Table ...........................................................................................................560

8.2.3.9 Managing VLAN Routing........................................................................................................565

8.2.3.10 Managing VRRP................................................................................................................... 567

8.2.4 Security Menu ..................................................................................................................................572

8.2.4.1 Managing Access Control (802.1x) ........................................................................................572

8.2.4.2 Managing RADIUS .................................................................................................................581

8.2.4.3 Defining TACACS Configuration ............................................................................................587

8.2.4.4 Defining IP Filter Configuration ..............................................................................................588

8.2.4.5 Defining Secure Http Configuration........................................................................................ 589

8.2.4.6 Defining Secure Shell Configuration ......................................................................................590

8.2.5 QOS Menu .......................................................................................................................................591

8.2.5.1 Managing Access Control Lists ..............................................................................................591

8.2.5.2 Managing Differentiated Services ..........................................................................................599

8.2.5.3 Configuring Diffserv Wizard Page ..........................................................................................607

8.2.5.4 Managing Class of Service..................................................................................................... 608

8.2.6 IP Multicast Menu.............................................................................................................................612

8.2.6.1 Managing DVMRP Protocol ...................................................................................................612

8.2.6.2 Managing IGMP Protocol .......................................................................................................618

8.2.6.3 Defining Multicast Configuration............................................................................................. 624

8.2.6.4 Configuring Multicast Mdebug................................................................................................629

8.2.6.5 Managing PIM-DM Protocol ...................................................................................................633

8.2.6.6 Managing PIM-SM Protocol ...................................................................................................635

1 Introduction

1.1 Switch Description

The Fortinet FortiSwitch-100 Ethernet Switch is a modular Gigabit Ethernet backbone switch designed for adaptability and scalability. The switch can utilize up to forty-eight Gigabit Ethernet ports to function as a central distribution hub for other switches, switch groups, or routers. The two built-in combination Gigabit ports support 1000BASE-T or SFP Gigabit connections. The FortiSwitch-100 also provides two types of 10 Gigabit Ethernet interfaces on the optional daughter board, yielding four additional ports: four powered CX4 interfaces in the FS-TRX100-CX4, or four SFP+ interfaces in the FS-TRX100-SFP.

1.2 Features

• Supports 48 10/100/1000BASE-T RJ45 Ethernet ports

• Built-in combination 1000BASE-T/SFP ports

• Supports two different daughter boards

• FS-TRX100-CX4: two four powered CX4 interfaces

• FS-TRX100-SFP: four SFP+ interfaces

• Supports 802.1D STP, 802.1S MSTP, and 802.1w Rapid Spanning Tree for

redundant back up bridge paths

• Supports 802.1Q VLAN, GVRP, GMRP, IGMP snooping, 802.1p Priority Queues, Port Channel, port mirroring

• Multi-layer Access Control (based on MAC address, IP address, VLAN, Protocol,

802.1p, DSCP)

• Quality of Service (QoS) customized control

• 802.1x (port-based) access control and RADIUS Client support

• Administrator-definable port security

• Per-port bandwidth control

• IEEE 802.3z and IEEE 802.3x compliant Flow Control for all Gigabit ports

• SNMP v.1, v.2, v.3 network management, RMON support

• Supports Web-based management

• CLI management support

• DHCP Client and Relay support

• DNS Client and Relay support

• Fully configurable either in-band or out-of-band control via RS-232 console serial

connection

• Telnet remote control console

• TraceRoute support

• Traffic Segmentation

• TFTP upgrade

• SysLog support

• Simple Network Time Protocol

• Web GUI Traffic Monitoring

• SSH Secure Shell version 1 and 2 support

• SSL Secure HTTP TLS Version 1 and SSL version 3 support

• ARP support

• IP Routing support

• OSPF support

• RIP v1 and v2 support

• Router Discovery Protocol support

• VLAN routing support

• Virtual Router Redundancy Protocol (VRRP) support

• IP Multicast support

• Protocol Independent Multicast - Dense Mode (PIM-DM) support

• Protocol Independent Multicast - Sparse Mode (PIM-SM) support

• IGMP v1, v2, and v3 support

• DVMRP support

• 10 GE uplink interfaces, CX4 or SFP+ depending on the selected daughter board

1.3 Front-Panel Components

The front panel of the switch consists of 48 1-Giga interfaces, 4 LED indicators, an RS-232 communication port, and two SFP (Mini-GBIC) Combo ports.

4 LEDs divided into two parts. 2 LED indicators on the upper display the status and power the switch. 2 LED indicators on the lower are used to display the status of SFP interface. An RS-232 DCE console port is for setting up and managing the switch via a connection to a console terminal or PC using a terminal emulation program.

1.4 LED Indicators

2 LED indicators on the upper represent the status and power the switch. 2 LED indicators on the lower are used to display each activity and link status of two SFP interfaces.

1.5 Rear Panel Description

The rear panel of the switch contains an AC power connector and a slot to plug in the 10 GE daughter board.

The AC power connector is a standard three-pronged connector that supports the power cord. Plug the female connector of the provided power cord into this socket, and the male side of the cord into a power outlet. The switch automatically adjusts its power setting to any supply voltage in the range from 100 ~ 240 VAC at 50 ~ 60 Hz.

The FortiSwitch-100 ships with one of two different daughter board types that provide the 10 GE uplink interfaces. For the FS-TRX100-CX4, the daughter board provides four powered CX4 interfaces; For the FS-TRX100-SFP it provides four SFP+ interfaces.

1.6 Management Options

The system may be managed out-of-band through the console port on the front panel or in-band using Telnet, a Web Browser, or SNMP.

1.7 Web-based Management Interface

After you have successfully installed the switch, you can configure the switch, monitor the LED panel, and display statistics graphically using a Web browser, such as Netscape Navigator (version 6.2 and higher) or Microsoft® Internet Explorer (version 5.0).

NOTE: To access the switch through a Web browser, the computer running the Web browser must have IP-based network access to the switch.

1.8 Command Line Console Interface Through the Serial Port or Telnet

You can also connect a computer or terminal to the serial console port or use Telnet to access the switch. The command-line-driven interface provides complete access to all switch management features.

1.9 SNMP-Based Management

You can manage the switch with an SNMP-compatible console program. The switch supports SNMP version 1.0, version 2.0, and version 3.0. The SNMP agent decodes the incoming SNMP messages and responds to requests with MIB objects stored in the database. The SNMP agent updates the MIB objects to generate statistics The switch supports a comprehensive set of MIB extensions:

• RFC1643 Ether-like MIB

• RFC1493 Bridge

• RFC 2819 RMON

• RFC2233 Interface MIB

• RFC2571 (SNMP Frameworks)

• RFC2572 (Message Processing for SNMP)

• RFC2573 (SNMP Applications)

• RFC2576 (Coexistence between SNMPs)

• RFC2618 (Radius-Auth-Client-MIB)

• RFC2620 (Radius-Acc-Client-MIB)

• RFC 1724 (RIPv2-MIB)

• RFC 1850 (OSPF-MIB)

• RFC 1850 (OSPF-TRAP-MIB)

• RFC 2787 (VRRP-MIB)

• RFC 3289 - DIFFSERV-DSCP-TC

• RFC 3289 - DIFFSERV-MIB

• QOS-DIFFSERV-EXTENSIONS-MIB

• QOS-DIFFSERV-PRIVATE-MIB

• RFC2674 802.1p

• RFC 2932 (IPMROUTE-MIB)

• Fortinet Enterprise MIB

• ROUTING-MIB

• MGMD-MIB

• RFC 2934 PIM-MIB

• DVMRP-STD-MIB

• IANA-RTPROTO-MIB

• MULTICAST-MIB

2 Installation and Quick Startup

2.1 Package Contents

Before you begin installing the switch, confirm that your package contains the following items:

• One Fortinet FortiSwitch-100 Ethernet switch

• Mounting kit: 2 mounting brackets and screws

• Four rubber feet with adhesive backing

• One AC power cord

• This User’s Guide with Registration Card

• CLI Reference

• CD-ROM with User’s Guide and CLI Reference

2.2 Switch Installation

2.2.1 Installing the Switch Without the Rack

1. Install the switch on a level surface that can safely support the weight of the switch and its attached cables. The switch must have adequate space for ventilation and for accessing cable connectors.

2. Set the switch on a flat surface and check for proper ventilation. Allow at least 5 cm (2 inches) on each side of the switch and 15 cm (6 inches) at the back for the power cable.

3. Attach the rubber feet on the marked locations on the bottom of the chassis.

The rubber feet are recommended to keep the unit from slipping.

2.2.2 Installing the Switch in a Rack

You can install the switch in most standard 19-inch (48.3-cm) racks. Refer to the illustrations below.

1. Use the supplied screws to attach a mounting bracket to each side of the switch.

2. Align the holes in the mounting bracket with the holes in the rack.

3. Insert and tighten two screws through each of the mounting brackets.

2.3 Quick Starting the Switch

1. Read the device Installation Guide for the connectivity procedure. In-band connectivity allows access to the FortiSwitch- 100 switch locally or from a remote workstation. The device must be configured with IP information (IP address, subnet mask, and default gateway).

2. Turn the Power ON.

3. Allow the device to load the software until the login prompt appears. The device initial state is called the default mode.

4. When the prompt asks for operator login, do the following:

• Type the word admin in the login area. Since a number of the Quick Setup commands require administrator account rights, Fortinet suggests logging into an administrator account.

• Do not enter a password because there is no password in the default mode.

• Press the <Enter> key

• The CLI Privileged EXEC mode prompt will be displayed.

• Use “configure” to switch to the Global Config mode from Privileged EXEC.

• Use “exit” to return to the previous mode.

2.4 System Information Setup

2.4.1 Quick Start up Software Version Information

Table 2-1. Quick Start up Software Version Information

Command Details

show hardware

show switch

Allows the user to see the HW & SW version the device contains System Description - switch's model name

Burned in MAC address - MAC address assigned to this switch CPU

2.4.2 Quick Start up Physical Port Data

Table 2-2. Quick Start up Physical Port

Command Details

+ 610 hidden pages

Fortinet MR1 User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

1 Introduction

2 Installation and Quick Startup