I have 2 firewalls, lan and wan. there is also 1 cisco backbone in between. my problem is this: when I make 802.3ad from 1g 2 fiber ports of the firewall, the connection between 2 firewalls is provided. However, when I do 802.3ad with 10g, there is no connection between the two firewalls. The part I pay attention to is this. When I make 802.3ad in 1g connection, the mac address is different in 2 ports. However, when I do 802.3a with 10g, the virtual mac address on 2 ports is the same and only one device appears in the mac address table of the backbone. what is the reason for this?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
I don't know why such LACP interface has this kind of MAC, but you should fix it by changing the MAC address with the below command to avoid MAC conflict:
conf sys interface
edit WAN
set macaddr xx:xx:xx:xx:xx:xx
end
This command does not work
Hi,
- Are the LAN and WAN firewalls are part of 2 different HA cluster? The MAC address looks same as the virtual MAC address of the interface as Hex value of 12 is nothing but 18 in integer terms which is your interface in the port channel.
Regards,
Shiva
Yes, there are 2 different Ha clusters, so how do I solve this problem? Since the same mac address appears on the backbone, the connection is not established
Hi,
One of the component in the virtual MAC calculation is the group ID of the HA. You can change the HA group IP of either the plan HA cluster of the WAN HA Cluster so that the virtual MAC will change. Please make sure you make these changes during the downtime or change window
Please refer the below links.
Regards,
Shiva
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1519 | |
1019 | |
749 | |
443 | |
209 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.