HA configuration between Fortigate A-P and upstream swithes (VLAG)

Forum|Forum|3 years ago
June 9, 2022
1 reply
1428 views

Hi all,

It is my second post in a community. Hope someone can help me.

We have 2xFortigate 200E as A-P cluster, some vlans, SSL VPN, IPSec for some clients and Azure, static route. Active and passive nodes are connected to the same ISP-1 for HA. Scheme is here:

I'd like to to full mesh configuration between Fortigate A-P cluster and 2x upstream switches NE1032T. Going to change Fortigate 200E to Fortigate 200F to get more 10G ports and replace LAG 8x1G to 10G + add additional 10G link from NE1032T-A to Fortigate-B and NE1032T-B to Fortigate-A (all connections are red lines: solid and dotted).

Question - what configuration should I implement on Fortigate and upstream switches? Does only LAG configuration will be enough?

TIA,

Viktor

FortiGate

bpozdena_FTNT

Staff

Hi Victor,

Yes, it is enough. If your switches are configured with vLAG, you will just configure standard LAG port on Fortigate.

HTH,

Boris

viktor_kAuthor

New Member

@bpozdena_FTNT many thanks for reply. Not sure what to configure on ports of switches... Current configuration is set as LAG only for connection to Fortigate. Should I add lacpkeys and adminkeys?

Viktor

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded