Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
viktor_k
New Contributor

HA configuration between Fortigate A-P and upstream swithes (VLAG)

Hi all,

It is my second post in a community. Hope someone can help me.

We have 2xFortigate 200E as A-P cluster, some vlans, SSL VPN, IPSec for some clients and Azure, static route. Active and passive nodes are connected to the same ISP-1 for HA. Scheme is here:

ExternalConnections.jpg

I'd like to to full mesh configuration between Fortigate A-P cluster and 2x upstream switches NE1032T. Going to change Fortigate 200E to Fortigate 200F to get more 10G ports and replace LAG 8x1G to 10G + add additional 10G link from NE1032T-A to Fortigate-B and NE1032T-B to Fortigate-A (all connections are red lines: solid and dotted).

ExternalConnections-Next.jpg

Question - what configuration should I implement on Fortigate and upstream switches? Does only LAG configuration will be enough?

 

TIA,

Viktor

2 REPLIES 2
bpozdena_FTNT

Hi Victor,

 

Yes, it is enough. If your switches are configured with vLAG, you will just configure standard LAG port on Fortigate. 

 

HTH,

Boris

viktor_k

@bpozdena_FTNT many thanks for reply. Not sure what to configure on ports of switches... Current configuration is set as LAG only for connection to Fortigate. Should I add lacpkeys and adminkeys?

 

Viktor