ARP Resolution Failing between Foritgate 100D phsyical port and Trunk port on Cisco

Forum|Forum|10 years ago
March 22, 2016
3 replies
4327 views

Hey everyone,

I have an issue with a set up I'm trying to roll out on a 100D appliance. I have 4 vlan subinterfaces configured under one physical port (port5) and a Cisco Catalyst 2960 gig port trunking to port5. Vlanforwarding is enabled on every subinterface, as well as the physical port itself.

When I assign any vlan to another switchport, say 2 on fa0/1, and plug myself into the switchport, DHCP completes, and I can ping every gateway IP on every vlan subinterface on the Fortigate. But, I cannot ping from the management IP on the Cisco to the Management vlan on the fortigate (not the MGMT interface, just another vlan I set up). I get the debug output: encapsulation failed, which points to an ARP entry not being in the switch's ARP table for the fortigate, and sure enough, that's the case.

It's just a simple config on the switchport:

switchport mode trunk

switchport trunk native vlan 1 (yes I know, don't leave that, this is just for testing)

switchport trunk allowed vlan all

Any ideas?

5.2

lperillat

New Member

@catgifs I'm having a very similar issue, did you ever resolve? Thanx

anignan

Staff

Hi @catgifs

What VLAN interface are you using on cisco for management?

Abdel

maranoun

New Member

I think the switchport may be configured incorrectly, or there is a problem with the ARP table on the Cisco switch and the FortiGate appliance itself.

Try pinging the FortiGate appliance's management IP address from another device on the same network. Also, try connecting a laptop directly to the FortiGate appliance's management interface and pinging the management VLAN.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded