aggregated ports 802.3ad going to cisco stacked switch

Forum|Forum|4 years ago
November 29, 2021
1 reply
4849 views

Hi i'm new to this,

Can someone please help me with this or tell me if this is possible.

Devices: 2x Fortigate 601e, 2x Stacked cisco catalyst 9500

edit "Outside"
set vdom "root"
set allowaccess ping https ssh http
set status up
set type aggregate
set alias "FGT_TO_CORE"
set device-identification enable
set snmp-index 27
next
edit "Ext_VLAN3"
set vdom "root"
set allowaccess ping https ssh
set forward-domain 30
set role lan
set snmp-index 28
set interface "Outside"
set vlanid 3
next
edit "Ext_VLAN999"
set vdom "root"
set allowaccess ping https ssh
set forward-domain 90
set role lan
set snmp-index 29
set interface "Outside"
set vlanid 999

**************************

i'm having problem connecting aggregated ports on active active cluster going to stacked switches, ports on secondary firewall and cisco switch is suspended.

i really don't know what's wrong with my configuration, PS*** thanks for replying to this tread

FortiGate

Toshi_Esumi

SuperUser

You're missing

set member "port1" "port2"

under "Outside".

Toshi

ChrisG123Author

New Member

HI Toshi_Esumi,

I have deleted the ports sorry, traffic on primary fortigate is working, but on secondary firewall the port connected to cisco switch are suspended

Toshi_Esumi

SuperUser

It might be something to do with virtual MAC address on each vlan, and probably nothing to do with LAG setting. I don't have any a-a HA so I don't know how it would work. But below old KB says if only one side (your case outside only) is connected to the same switch, it should be fine.
If no one else replies, I would recommend you open a TAC case to ask.
https://community.fortinet.com/t5/FortiGate/Troubleshooting-layer2-switches-connected-to-FortiGate-devices/ta-p/194694?externalID=10507
Then please share the answer. I want to know as well.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded