Hello Guys
I have this Fortinet configuration with HA active-passive mode, and an aggregate was configured with port3 and port4 on the fortinet side and in each Mellanox Switch that is in mlag mode (VPC in Cisco), an 802.3ad LACP with two ports was created (swp41,swp42) with a clag id.
The LACP on the Switch side always shows up, but on the fortinet side, it always shows us down the lacp in the Passive Firewall when I run a diag net aggr name Lacp_Spine the status is down, but the active one is always up.
I would like to ask you for help if this behavior is normal, where the passive always looks down.
Thanks
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
What you have there is not a supported configuration. The HA is designed as redundancy, not for link aggregation among all members. The MAC address is the same among both members so LACP will not form like that. Please read more:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Aggregate-link-configuration-topologies-in...
https://community.fortinet.com/t5/FortiGate/Technical-Tip-High-availability-basic-deployment-design/...
https://community.fortinet.com/t5/FortiGate/Technical-Tip-LACP-behavior-in-an-HA-cluster/ta-p/195163
https://community.fortinet.com/t5/FortiGate/Technical-Note-FortiGate-HA-A-P-Active-Passive-cluster-c...
What you have there is not a supported configuration. The HA is designed as redundancy, not for link aggregation among all members. The MAC address is the same among both members so LACP will not form like that. Please read more:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Aggregate-link-configuration-topologies-in...
https://community.fortinet.com/t5/FortiGate/Technical-Tip-High-availability-basic-deployment-design/...
https://community.fortinet.com/t5/FortiGate/Technical-Tip-LACP-behavior-in-an-HA-cluster/ta-p/195163
https://community.fortinet.com/t5/FortiGate/Technical-Note-FortiGate-HA-A-P-Active-Passive-cluster-c...
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1696 | |
1091 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.