Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Ruelb2214
New Contributor

Created on ‎09-12-2024 06:40 AM

LAG connection setup

Hi,

 

would like to seek for your advise for the current setup attached, basically we have another firewall on the right side of the diagram that connect to L2 switch, and on the FW side the port is configured as LAG while on the switch is under port-channel, but take note the switches are two separate standalone (not on stack).

 

every time we connect the cable c3 and c4 the network is disrupted, is it because the aggregated ID is different from the firewall perspective?

 

I always see this setup as common, but they always use stack switches.

FW-HA SETUP.png

Labels:
272
0 Kudos
3 REPLIES 3
pmeet
Staff
Staff

Created on ‎09-12-2024 06:56 AM

Hence both the switches are working independently a LACP or port channel will not form , from your topology your 2 LACP ports from the FGT are also connecting to 2 different switch here,

 

your solution would be either use one switch , or stack the switches or using only a single link 

PATELMM
262
0 Kudos
pmeet
Staff
Staff

Created on ‎09-12-2024 06:58 AM

I'm not recommending to use redundant link setup on FortiGate because  when you place this interface in monitor interface on HA on fortigate it will not go down until both link fails

PATELMM
261
nathan_h
Staff
Staff

Created on ‎09-12-2024 07:06 AM

Hi Ruelb2214,
I understand that Fortigates on the right side are on HA. Since the switch is not a stack, you won't be able to cross connect the LACP. See guidelines below.
 
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Aggregate-link-configuration-topologies-in...
https://community.fortinet.com/t5/FortiGate/Technical-Tip-High-Availability-basic-deployment-design/...
 
 
Preview
 
Nathan
FCP-NS, FCP-PCS, FCP-SO, FCSS-NS, FCSS-PCS, FCSS-SASE
248
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.