Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
ahmed_elmelegy
New Contributor

Created on ‎03-09-2025 10:04 AM

issue with managed fortiswitches

hello all, i have 6 floors in a company , each floor has 2 or 3 edge switches and each office in the floor has a small tp-link switch (5port) that compine the PCs, and this small switch connected to the edge and all floors connected to two core switches working as MCLAG and all the switches are managed by fortigate.

i have 3 connection connected direct to the fortigate (ADSL , MPLS , Leased Line).

on the fortigate i have configured a vlan for each floor , when i enable these vlans and assign them to each floor i found a big packet loss in the network but when i work with one vlan for all floors all thing work fine with no isuue.

can anyone help with this issue?

Labels:
419
0 Kudos
8 REPLIES 8
AEK
SuperUser
SuperUser

Created on ‎03-10-2025 01:19 AM

Hi Ahmed

Is the packet loss inter-VLAN? Is there packet loss intra-VLAN as well?

AEK
AEK
381
ahmed_elmelegy
New Contributor
In response to AEK

Created on ‎03-10-2025 01:29 AM

Hello AEK

No there is no any packet loss inter vlan

The packet loss when ping from pc to 8.8.8.8 

Another thing i want to know

My design is each edge connected to one peer of the MCLAG not the two.

Can this be the issue or not?

375
0 Kudos
AEK
SuperUser
SuperUser

Created on ‎03-10-2025 07:49 AM

Hi Ahmed

Can you share the following?

  • A screenshot of your FortiLink config from menu Network > Interface
  • A diagram showing how switches are interconnected and how connected with FGT
  • FortiOS version and FortiSwitch OS versions
AEK
AEK
331
ahmed_elmelegy
New Contributor
In response to AEK

Created on ‎03-10-2025 08:13 AM

hi AEK,

thanks for your replying its highly appreciated.

sorry i cannot take a screenshot now as the customer isnt available but i put two port on fortigate under fortilink and disable split. and all vlans under it.

regarding to the diagram this is the diagram

WhatsApp Image 2025-03-10 at 5.07.20 PM.jpeg

fortiOS is 7.4.7

FortiswitchOS is 7.4.5

 

318
0 Kudos
AEK
SuperUser
SuperUser
In response to ahmed_elmelegy

Created on ‎03-10-2025 08:26 AM

So far seems correct.

Split should be disabled as you did.

If you access switches are 1xx series then you cant connect the last one to the second ToR/Core. So what you did should be correct.

Waiting for the screenshot. But meanwhile, did you use VLAN id 1 for any of the created VLANs?

AEK
AEK
314
ahmed_elmelegy
New Contributor
In response to AEK

Created on ‎03-10-2025 08:36 AM Edited on ‎03-10-2025 08:39 AM

but when i search i found that i should connect each edge to the two core that working MCLAG not one only is this correct?

no i didnt use vlan 1

 

310
0 Kudos
AEK
SuperUser
SuperUser
In response to ahmed_elmelegy

Created on ‎03-10-2025 09:18 AM

I mean when 1xx are chained you can't connect the last one to the second core. That's because 1xx doesn't support multi-homing when daisy-chained, while higher series support it.

However you can do so if the 1xx is standalone (for redundancy). This one is supported.

AEK
AEK
277
ahmed_elmelegy
New Contributor
In response to AEK

Created on ‎03-13-2025 02:40 AM

hello AEK,

kindly find the screenshot of fortilink

Screenshot 2025-03-13 at 11-37-21 FortiGate - CIS-HQ-1.png

 one of the fortilink memeber is down as i have unistalled the mclag currently and make all network work on one switch as below

Screenshot 2025-03-13 at 11-39-11 FortiGate - CIS-HQ-1.png

 and again i faced the same issue.

and didnt know the reason for this till now

190
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.