Hello All,
I have observed port connected to Fortigate showing multiple mac on switch. What could be the reason for it.
Pls note - fortigate is in High availability and I have created 2 vdom.
Pfa
Run the below command to check the mac addresses of the ports.
diagnose hardware deviceinfo nic <nic name>
Mac address that starts with 00.09.0f - could be ha's virtual mac address.
Refer to the links below.
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Verifying-physical-and-HA-Virtual-MAC-addr...
https://community.fortinet.com/t5/FortiGate/Technical-Tip-HA-Cluster-virtual-MAC-addresses/ta-p/1942...
Virtual mac address would be same or differ on both unit if I issue below command
diagnose hardware deviceinfo nic <nic
name>.
Also i have multi vdom created in my fortigate. How would virtual mac address assign in this case
Virtual MACs are only on the active node.
Each VDOM has its own set of virtual MAC addresses so they don't conflict with other VDOM.
See below link there is a section for multiple VDOMs.
Hi Vishal
One is the physical MAC address of the port and one is the virtual MAC address.
The virtual MAC is created only when you have HA configuration. This MAC is always on the active node and moves to the second node when a fail-over occurs .
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.