Hi all,
Does anyone who has experience in building Link aggregation in Transparent mode?
I have a scenario like below
The Firewall in pic works in transparent mode with policy permit any to any.
As the pic, port17&port18,port19&port20 are two different link aggregation interface running in active-passive mode with Cisco switch.
And I used port-pair in those two link aggregation interface.
In this scenario I ping 10.10.20.14 from 10.10.20.1, failed.
But it's wired that if I untied the link aggregation , and used port-pair "port17-port19" and "port18-port20".
I can ping between two IPs in pic.
I doubt that something wrong when I setting link aggregation in transparent.
Is there any point I need to notice setting link aggregation in transparent mode?
I find out some command on website,and I post the result below:
FW1 (CR_test) # diag netlink aggregate name cr_vlan100
status: up
npu: y flush: n asic helper: y oid: 145 ports: 2 ha: master distribution algorithm: L4 LACP mode: passive LACP speed: slow LACP HA: enable aggregator ID: 2
slave: port17 link status: up link failure count: 0 LACP state: established actor state: PSAIEE actor port number/key/priority: 1 17 255 partner state: ASAIEE partner port number/key/priority: 274 3 32768 aggregator ID: 2 speed/duplex: 1000 1 RX state: CURRENT 6 MUX state: COLLECTING_DISTRIBUTING 4
slave: port18 link status: up link failure count: 0 LACP state: established actor state: PSAIEE actor port number/key/priority: 2 17 255 partner state: ASAIEE partner port number/key/priority: 276 3 32768 aggregator ID: 2 speed/duplex: 1000 1 RX state: CURRENT 6 MUX state: COLLECTING_DISTRIBUTING 4
I think my link aggregation most be up in this result,but the network still no work.
Please help,thanks!
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi
You can try to change lacp mode both.
Fortigate should change to "static".
Cisco should change to "on".
Pls try that.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1713 | |
1093 | |
752 | |
447 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.