| Description | This article describes the user impact when a Managed FortiSwitch VLAN interface shows the same MAC address on two independent FortiGate HA pairs. |
| Scope | FortiGate-100F v7.0.6 build0366; MCLAG-ICL FSW-424E v7.2.1 build0406; Both FortiGate sites are interconnected using FortiSwitch port5 (MPLS link). |
| Solution |
1) FortiGate at one site cannot ping FortiGate at another site - VLAN92 interface IP addresses are not ping-able from both sites.
2) LAN Users connected to the VLAN on the FortiSwitch port sometimes cannot ping the VLAN gateway. Users may sometimes experience packet loss in the network.
3) Both the FortiGate VLAN92 interface and other VLAN interfaces show the same MAC address 'XX:XX:XX:XX:00:12' (the actual MAC address has been obfuscated in this article):
4) Both FortiGate locations have the same FortiGate (FortiGate-100F) and have the default group-id 0 under 'config system ha', which generates the same MAC address. This is an expected behaviour.
To change the HA Group ID from the FortiGate CLI, run the following:
The ID integer range is from 0-255.
|
