Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
MaxH
New Contributor

Created on ‎05-30-2024 01:29 AM

ARUBA VSF AND FORTIGATE ACTIVE-ACTIVE HA LACP ISSUE

Hello,
I'm stuck on one issue i saw since i've deployed the new instance Aruba and Fortigate on my site
My LAG between Stack 6200M Aruba Switch ( 2 x 2 ports 1GBS) and my FORTIGATE ( ACTIVE-ACTIVE )
works but there is an LACP issue - there Always 2 of 4 link LACP bloqued-see bellow :

MaxH_0-1717057741816.png

 

 


each physical switch should have 2GBS LAG interface normally but here not..could you please help?

MaxH
MaxH
Labels:
146
0 Kudos
1 REPLY 1
ede_pfau
SuperUser
SuperUser

Created on ‎05-30-2024 03:13 AM Edited on ‎05-30-2024 03:20 AM

You should use 2 aggregate links between FGT and switch cluster, one per FGT. You'll see w different LAG IDs then. There was a KB article about this some time ago:

Technical-Tip-FortiGate-HA-A-P-Active-Passive-cluster-connected/ta-p/194655 

Technical-Tip-LACP-behavior-in-an-HA-cluster/ta-p/195163 

 

I think it's mentioned in the Admin Guide as well.

 

Nice that you employ 2 HA links for redundancy. For stability, put some more weight on one link than the other (like, 60:40).

 

Why do you use A-A mode? Usually A-P is used for stability. (You wouldn't have noticed the link issue then). A-A mode is usually used if more processing power is needed than a single FGT will supply.

Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
126
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.