Fortinet Forum
ChrisG123
New Contributor

aggregated ports 802.3ad going to cisco stacked switch

Hi, I'm new to this.


Can someone please help me with this or tell me if this is possible?

Devices: 2x FortiGate 601E, 2x stacked Cisco Catalyst 9500

 


edit "Outside"
    set vdom "root"
    set allowaccess ping https ssh http
    set status up
    set type aggregate
    set alias "FGT_TO_CORE"
    set device-identification enable
    set snmp-index 27
next
edit "Ext_VLAN3"
    set vdom "root"
    set allowaccess ping https ssh
    set forward-domain 30
    set role lan
    set snmp-index 28
    set interface "Outside"
    set vlanid 3
next
edit "Ext_VLAN999"
    set vdom "root"
    set allowaccess ping https ssh
    set forward-domain 90
    set role lan
    set snmp-index 29
    set interface "Outside"
    set vlanid 999

**************************

I'm having a problem connecting aggregated ports on an active-active cluster going to stacked switches; the ports on the secondary firewall and the Cisco switch are suspended.

 

I really don't know what's wrong with my configuration. PS: thanks for replying to this thread.

Toshi_Esumi
Esteemed Contributor II

You're missing

  set member "port1" "port2"

under "Outside".

 

Toshi
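The check suggested in the reply above can be automated over an exported interface section. This is an added example, not part of the thread or any Fortinet tool: it parses `edit`/`set`/`next` stanzas, flags aggregate interfaces with no `set member`, and also flags cleartext management protocols in `allowaccess`. The sample input is constructed from the stanzas posted in the question, and the function names are hypothetical.

```python
import shlex

# Constructed sample: a subset of the interface stanzas posted in the question.
SAMPLE = '''\
edit "Outside"
    set vdom "root"
    set allowaccess ping https ssh http
    set type aggregate
next
edit "Ext_VLAN3"
    set allowaccess ping https ssh
    set interface "Outside"
    set vlanid 3
next
'''

def parse_interfaces(text):
    """Return {interface_name: {setting: [values]}} from edit/set/next stanzas."""
    interfaces, current = {}, None
    for raw in text.splitlines():
        try:
            tokens = shlex.split(raw)  # handles the quoted names and members
        except ValueError:
            continue  # skip lines with unbalanced quotes (not config)
        if not tokens:
            continue
        if tokens[0] == "edit" and len(tokens) > 1:
            current = interfaces.setdefault(tokens[1], {})
        elif tokens[0] == "set" and current is not None and len(tokens) > 1:
            current[tokens[1]] = tokens[2:]
        elif tokens[0] in ("next", "end"):
            current = None
    return interfaces

def audit(interfaces):
    """Return (interface, finding) tuples for the two checks described above."""
    findings = []
    for name, cfg in interfaces.items():
        # An 802.3ad aggregate with no member ports cannot negotiate LACP.
        if cfg.get("type") == ["aggregate"] and not cfg.get("member"):
            findings.append((name, "aggregate has no member ports"))
        # http and telnet expose administrator credentials in cleartext.
        clear = sorted({"http", "telnet"} & set(cfg.get("allowaccess", [])))
        if clear:
            findings.append((name, "cleartext management access: " + " ".join(clear)))
    return findings

if __name__ == "__main__":
    for name, finding in audit(parse_interfaces(SAMPLE)):
        print(f"{name}: {finding}")
```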

ChrisG123

Hi Toshi_Esumi,

 

I have deleted the ports, sorry. Traffic on the primary FortiGate is working, but on the secondary firewall the ports connected to the Cisco switch are suspended.

Toshi_Esumi
Esteemed Contributor II

It might be something to do with the virtual MAC address on each VLAN, and probably nothing to do with the LAG setting. I don't have any a-a HA so I don't know how it would work. But the old KB below says if only one side (in your case, outside only) is connected to the same switch, it should be fine.
If no one else replies, I would recommend you open a TAC case to ask.
https://community.fortinet.com/t5/FortiGate/Troubleshooting-layer2-switches-connected-to-FortiGate-d...
Then please share the answer. I want to know as well.

 
