Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
adecottignies_FTNT
Staff
Staff

Created on ‎08-14-2024 02:30 AM Edited on ‎08-14-2024 02:31 AM By Community Manager

Article Id 333052

Technical Tip: Typical deployments for mgmt access with FortiGate 7000E series

Description This article detailes the two typical deployments with the mgmt LAG for FortiGate-7000
Scope FortiGate-7000
Solution

There are 2 typical deployments with the mgmt lag:

  • A single link on each FIM: 1-mgmt1 and 2-mgmt1 connected.
  • All mgmt ports connected: 1-mgmt1/2/3/4 and 2-mgmt1/2/3/4 connected.

 

One single link on each FIM, for a standalone device:

On the switch side, Port1 and Port2 must be in the same VLAN in access/native mode.

 

adecottignies_FTNT_0-1723627355302.png

 

One single link on each FIM, for a HA device:

On the switch side, Port1 Port2 Port3, and Port4, must be in the same VLAN in access/native mode.

 

adecottignies_FTNT_1-1723627355314.png

 

Multiple Connections in HA context:

On the switch side, Port1 and Port2 are members of the same PortChannel. Port3 and Port4 in another PortChannel. Port5 and Port6 in a different PortChannel. The same for Port7 and Port8 which must be in a further PortChannel.

All PortChannels must be in the same VLAN in access/native mode.

 

adecottignies_FTNT_2-1723627355330.png

 

Related article

Technical TIP: Clarification on the mgmt aggregate interface in FortiGate-7000E
177
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.