Hi, I'm new to this.
Can someone please help me with this or tell me if this is possible?
Devices: 2x FortiGate 601E, 2x stacked Cisco Catalyst 9500
    edit "Outside"
        set vdom "root"
        set allowaccess ping https ssh http
        set status up
        set type aggregate
        set alias "FGT_TO_CORE"
        set device-identification enable
        set snmp-index 27
    next
    edit "Ext_VLAN3"
        set vdom "root"
        set allowaccess ping https ssh
        set forward-domain 30
        set role lan
        set snmp-index 28
        set interface "Outside"
        set vlanid 3
    next
    edit "Ext_VLAN999"
        set vdom "root"
        set allowaccess ping https ssh
        set forward-domain 90
        set role lan
        set snmp-index 29
        set interface "Outside"
        set vlanid 999
**************************
I'm having a problem connecting aggregated ports on an active-active cluster going to stacked switches; the ports on the secondary firewall and the Cisco switch are suspended.
I really don't know what's wrong with my configuration. PS: thanks for replying to this thread.
You're missing
set member "port1" "port2"
under "Outside".
Toshi
Hi Toshi_Esumi,
I have deleted the ports, sorry. Traffic on the primary FortiGate is working, but on the secondary firewall the ports connected to the Cisco switch are suspended.
It might be something to do with the virtual MAC address on each VLAN, and probably nothing to do with the LAG setting. I don't have any a-a HA so I don't know how it would work. But the old KB below says if only one side (in your case, outside only) is connected to the same switch, it should be fine.
If no one else replies, I would recommend you open a TAC case to ask.
https://community.fortinet.com/t5/FortiGate/Troubleshooting-layer2-switches-connected-to-FortiGate-d...
Then please share the answer. I want to know as well.
Copyright 2024 Fortinet, Inc. All Rights Reserved.