I have two 600Fs in active-active HA that will be connected to two Cisco Nexus 9K NX-0S in a vPC domain.
I am new to FG attempting to determine correct port settings on the 600F for a redundant inside interface with the goal being if either N9K or 600F goes down, traffic will still flow.
Currently I have port x6 on both 600Fs connected to each N9Ks port Eth 1/2
Primary 600F port x6 – switch 1 N9K port 1/2
Second 600F port x6 – switch 2 N9K port 1/2
The N9K ports are setup as vPC/port-channel
What is the correct interface settings on the 600F to support this or is this not supported?
Thanks much for any guidance.
Hello Larry,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
Hello Larry,
We are still looking for someone to help you.
We will come back to you ASAP.
Regards,
If you have single links from each FortiGate (sounds like you do—x6) then it's just a regular interface no special configuration needed.
If you want to do LACP to your N9K from both Firewalls (so you can have a Nexus switch failure and not have your FortiGate HA failover too) then you can do this with an Aggregate link type.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1739 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.