EM_Fortiuser
Visitor III
December 5, 2024
Question

Fortiswitch vlan not passing


I have four standalone 1048E switches.  I am in the process of implementing to new FortiGates.  I am having an issue where the switch isn't passing the VLAN across to the uplink port.  This is the HA port for the FortiGate pair.

 

I have packet captured off both the inbound and uplink port.  I can see the FortiGate is sending the HA packets to the port but nothing appears to be getting to the uplink port.  I have reviewed the config to ensure that the VLAN is set to allow on that trunk.

 

So my question is: has anyone seen this on FortiSwitches, and if so, what can I do to fix it?  I have had an open support ticket for months and no resolution, so I am hoping the community can help me out.

 

Thanks ahead of time.

Screenshot 2024-12-05 140727.png

2 replies

sjoshi
Staff
December 5, 2024

Hi,

 

Is it possible to share the topology with a proper flow explanation for better understanding?

Thanks, Salon
EM_Fortiuser
Visitor III
December 5, 2024

Updated with logical

EM_Fortiuser
Visitor III
December 5, 2024

Adding Logical as requested

 

Screenshot 2024-12-05 140727.png

DPadula
Staff & Editor
December 5, 2024

Could you please share the 'config switch interface' and 'config switch physical-ports' settings for the ports connected to the FGT and the port connected to the Cisco switch?

Fortinet recommends connecting a direct cable between HA ports for an FGT HA cluster. I am assuming your FGTs are in different locations or far-away racks inside the same DC. Am I right?

https://docs.fortinet.com/document/fortigate/6.0.0/cookbook/834760/connecting-the-backup-fortigate

"If possible, make direct Ethernet connections between the heartbeat interfaces of the two FortiGate units."

 

Regards

DPadula