I have four standalone switch 1048E. I am in the process of implementing to new FortiGates. I am having an issue where the switch isn't passing the VLAN across to the uplink port. This is the HA port for the FortiGate pair.
I have packet captured off both the inbound and uplink port. I can see the FortiGate is sending the HA packets to the port but nothing appears to be getting to the uplink port. I have reviewed the config to ensure that the VLAN is set to allow on that trunk.
So my question is: has anyone seen this on FortiSwitches, and if so, what can I do to fix it? I have had an open support ticket for months and no resolution, so hoping the community can help me out.
Thanks ahead of time.
Hi,
Is it possible to share the topology with a proper flow explanation for better understanding?
Updated with logical
Adding Logical as requested
Could you please share the 'config switch interface' and 'config switch physical-ports' settings for the ports connected to the FGT and the port connected to the Cisco switch?
Fortinet recommends connecting a direct cable between HA ports for a FGT HA cluster. I am assuming your FGTs are in different locations or far away racks inside the same DC. Am I right?
https://docs.fortinet.com/document/fortigate/6.0.0/cookbook/834760/connecting-the-backup-fortigate
"If possible, make direct Ethernet connections between the heartbeat interfaces of the two FortiGate units."
Regards
DPadula