Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
santunez_cl
New Contributor

Aggregate Down in Passive Firewall

Hello Guys

 

I have this Fortinet configuration with HA active-passive mode, and an aggregate was configured with port3 and port4 on the fortinet side and in each Mellanox Switch that is in mlag mode (VPC in Cisco), an 802.3ad LACP with two ports was created (swp41,swp42) with a clag id.

 

The LACP on the Switch side always shows up, but on the fortinet side, it always shows us down the lacp in the Passive Firewall when I run a diag net aggr name Lacp_Spine the status is down, but the active one is always up.

 

I would like to ask you for help if this behavior is normal, where the passive always looks down.

 

Thanks

 

Diagram.jpg

1 Solution
AlexC-FTNT
Staff
Staff

What you have there is not a supported configuration. The HA is designed as redundancy, not for link aggregation among all members. The MAC address is the same among both members so LACP will not form like that. Please read more:

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Aggregate-link-configuration-topologies-in...
https://community.fortinet.com/t5/FortiGate/Technical-Tip-High-availability-basic-deployment-design/...
https://community.fortinet.com/t5/FortiGate/Technical-Tip-LACP-behavior-in-an-HA-cluster/ta-p/195163
https://community.fortinet.com/t5/FortiGate/Technical-Note-FortiGate-HA-A-P-Active-Passive-cluster-c...


- Toss a 'Like' to your fixxer, oh Valley of Plenty! and chose the solution, too00oo -

View solution in original post

1 REPLY 1
AlexC-FTNT
Staff
Staff

What you have there is not a supported configuration. The HA is designed as redundancy, not for link aggregation among all members. The MAC address is the same among both members so LACP will not form like that. Please read more:

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Aggregate-link-configuration-topologies-in...
https://community.fortinet.com/t5/FortiGate/Technical-Tip-High-availability-basic-deployment-design/...
https://community.fortinet.com/t5/FortiGate/Technical-Tip-LACP-behavior-in-an-HA-cluster/ta-p/195163
https://community.fortinet.com/t5/FortiGate/Technical-Note-FortiGate-HA-A-P-Active-Passive-cluster-c...


- Toss a 'Like' to your fixxer, oh Valley of Plenty! and chose the solution, too00oo -
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors