Aggregate Link(.3ad)

Question

Hi all,Recently I have been trying to install an aggregate link that has 2 physical member ports on the standalone Fortigate (311B) to connect to Juniper EX Virtual Chassis in order to increasing redundancy. I configured LACP on ae0 interface on EX Virtual Chassis and it has 2 member ports.Here Topology:[Internet-ISP]--------[Fortigate311B]===(an aggregate_link)====[Juniper EX Virtual Chassis(all LAN traffic)]When I check the bundle ae0 on EX, it is up with all child interfaces. When I look at the fortigate side, it seems it is okay. default route and policy are okay. But traffic is not passing on aggregate link. What can misconfiguration be? What should I do fix this problem? Any idea please?Thanks for your assisstance,Erdal

emnoc · Answer

Does your juniper chassis show any learned mac_address?

show ethernet-switching table sum

Are you sing 802.1q tags? if yes are they allowed on the juniper side?

Do you have layer3 firewall policies bound on the L3 interface(s) on the fortigate?

Can you ping from the ip_address attached on the fortigate to another local device thru the bonded interface?

Is the netmask correct? & allowaccess ping is enabled?

Those would be the basic stuff for checking. if your bonded member are up, than you should beable to ping across the 803.ad bundle and the juniper FDB should be populated with the fortigate mac_adddress.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded