Howdy
I'm asking for your help with a problem with the infrastructure I'm implementing.
I have a FortiGate with a fortilink interface configured.
The infrastructure requires one, or more, not fortinet switches between FortiGate and FortiSwitch.
For example:
The third-party switch is configured as follows:
Fortiswitches take IP directly from the fortilink physical interface.
The problem I'm having is that every once in a while fortiswitches go offline.
If I go to enable the Fortilink Split interface and turn it off again, the fortiswitches come back up.
Do you know how I can fix it?
Did you read on Fortilink over layer 3?
You create a layer 3 vlan id and pass it through the 3rd switch to the Fortiswitches as an interface on the Fortilink Interface from the Gate.
I ran into a similar issue but was unable to remove vlan 1 from production in order to get Fortilink enabled. I instead just ran the switches as standalone until the switch between was replaced with Fortinet.
Hi and thanks for the help.
I don’t need L3 implementation, cause everything shall be connected in the same Layer 2 VLAN.
What I didn't understand is whether it's okay to have vlan 1 as native vlan on the 3rd switch or whether native vlan 4094 should be configured.
I’ll try tomorrow this guide, hoping for a success try.
Further tests have shown that the FortiSwitches simply lose "sync" with the FortiGate, while the data connection between the various devices continues to work.
If, for example, I ping a device behind one of the offline FortiSwitches from FortiGate, I receive a response to the packets.
I've tried to set up fortlink-p2p but I always get the problem.
If I try to diagnose the FortiSwitch, I get "No CAPWAP IP address retrieved for FortiSwitch S448ENTFxxxxxxxx" error
Fortilink, DHCP and NTP give me OK.
The fortiswitches switch interface is in DHCP mode and correctly receive IP from the Fortilink interface of the FortiGate.
Already tried everything from this guide:
Fix FortiSwitch showing with the 'Off... - Fortinet Community
Hi @Thonno,
Based on your diagram, FortiSwitches should be connected to each other for Inter Switch Link (ISL) connection.
Regards,
Hello, due to physical distance between the two FortiSwitches it is not possible for me to connect them to each other.
We solved this by converting the devices to Standalone and configuring them as "simple" Switches.
Thanks anyway to everyone for the help!
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1739 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.