Fortinet 5003 User Manual
Page 53
FortiGate-5050 fabric backplane communication
Fabric gigabit switching to the network
FortiSwitch-5003A and 5003 Fabric and Base Backplane Communications Guide
01-30000-85717-20081205
53
Figure 19: Fabric channel 2 connected to an internal network and fabric channel 1
connected to an external network
If you have two FortiSwitch-5003A boards installed in a chassis you may need to
block communication between fabric channel 1 and fabric channel 2. See
channel connections between FortiSwitch-5003A boards” on page 50
for more
information.
For the FortiGate-5001A boards to use the fabric channels for data
communication you must show backplane interfaces on the FortiGate web-based
manager and then configure firewall polices and routing for the fabric1 and fabric2
interfaces.
If the data traffic contains VLAN-tagged packets, you must add the VLAN tags to
the FortiSwitch-5003A interfaces that will handle the VLAN-tagged traffic. For
example, to allow VLAN tags 80 to 90 on slots 3, 4, and 5 and the F7 front panel
interface, from the FortiSwitch-5003A CLI enter:
config switch fabric-channel interface
edit "slot-3"
set allowed-vlans 1,80-90
next
edit "slot-4"
set allowed-vlans 1,80-90
next
edit "slot-5"
set allowed-vlans 1,80-90
next
edit "f7"
set allowed-vlans 1,80-90
end
Internal Network
1
2
2
3
4
5
SMC
1
SMC
POWER
5050SAP
SERIAL
1
SERIAL
2
ALARM
10/100
link/Act
ETH0 Service
RESET
ST
AT
US
Hot Swap
link/Act
ETH0
ETH1
10/100
5000SM
10/100
link/Act
ETH0 Service
RESET
ST
AT
US
Hot Swap
link/Act
ETH0
ETH1
10/100
5000SM
Fabric channel 2
Data
Communication
Fabric channel 1
Data
Communication
Internal network connected to the F7
front panel fabric interface
to connect to fabric channel 2
External network connected to the F1
front panel fabric interface
to connect to fabric channel 1
External
Network