Hi,
We have a stack of two FortiSwitch 448D (v3.5.4) managed by a pair of FortiGate 100D (v5.4.4) firewalls.
We are using the "HA-mode FortiGate managing a stack of several FortiSwitches" Setup from http://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-managing-fortiswitch-330-54/Stacking....
Setup is:
Fortilink "FL1": LACP LAG on FortiGate port 13 and 14, on Fortiswitch ports 47 and 48. Wiring:
FG1-13 <-> FSW1-47 (*)
FG1-14 <-> FSW2-47
FG2-13 <-> FSW1-48
FG2-14 <-> FSW2-48
ISL is 10G twinax connecting ports 51 and 52 on the two switches (SW1-51 with SW2-51 and SW1-52 with SW2-52).
So far everything is working, but there are two minor issues:
1) the FortiLink only has one of the four ports up (*), because only FG1 and FSW1 are active, all other ports are down because neither FG nor FSW support MLAG (yet).
If i add another four links (expanding the LAG to include ports 11+12 on FG and 45+46 on FSW), do i get two active ports?
2) The Web UI display under "Wifi & Switch Controller -> Managed FortiSwitch" is broken. Between refreshes it alternates between showing one switch only with one of the uplinks and both switches without any links. I tried differnt browsers (Safari, Chrome, Firefox and even Edge), while the display is slightly different between them, it is broken with all of them.
See attachment for examples. (i can only upload one picture, the other one is with the ISL but the second switch is moved halfway out of the picture to the right)
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Regarding question 1, only one link is active in current implementation. If the FGT LAG is split to two different switches, one of the links is disabled. It's not possible to add more links in this scenario. With the support of MLAG expected in FSWOS version 3.6, all links will be active and the maximum number of LAG group members is limited by what the model supports.
Regarding question 2, please open a support ticket so that this can be investigated and fixed in case it's a firmware issue.
Thank you,
Rafael Gracioli
Rafael Gracioli | Consulting Systems Engineer, ADC and Switching m: +31 6 50 28 72 99 | skype: rgracioli | e: rgracioli@fortinet.com
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1702 | |
1092 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.