Here is the overall architecture
200F(X3 and X4) <->(port 23 and 24) T1024E <--> 424E <--> 231G
Firmware: 200F (7.4.4), T1024E (7.3.4), 424E POE (7.3.4)
The issue is between the 200f and T1024E. The design was working great until I started working with the fortinet engineer on the 231G wifi connection issues. The engineer disable cap-wap offload and since then the switch randomly disables the ports connected to the fortigate (fortiswitch port 23 and 24) which completely brings down the network. What it feels like is happening is a network loop which locks up the switch but I am guessing here because that is just what it looks like when its happening. A reboot of the T1024E fixes the issue.
After back to back outages I disabled capwap offload and the network stabilized. My plan is to bring back the customers old switches to stabilize the network and get the fortiswitch setup downstream from their switches until I find a root cause. I will set it up as a standalone switch to see if that helps the situation.
Wondering if anyone has experienced this before, fortiswitch disabling ports when connected to the fortilink interfaces on the fortigate and has anyone seen similar issues when disabling capwap offload on the npu.
Hello,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
Hello,
We are still looking for someone to help you.
We will come back to you ASAP.
Regards,
Is this the only switch connected directly to the FGT, are there other switches (in a loop) connected to the FGT or ending up in the same Software/Hardware switch?
Have you checked the port status on the FSW, were they administratively disabled or stuck in a non working state?
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.