Hi, I was asked to cascade the port 16 or a Fortigate 200D to a Csico 2960-X L2 switch. Now my boss wants me to have a backup of port 15 in case port 16 goes down. So from ports 15 and 16 going to ports 23-24 of the Cisco 2960-X switch. I followed the following articles for me to link aggregate the 2 ports.
http://kb.fortinet.com/kb/documentLink.do?externalID=FD30542
https://forum.fortinet.com/tm.aspx?m=106460
but in my cisco switch, it still shows that
LACP is currently not enabled on remote ports. Am I imssing something here?
Thanks
Jeff
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Try to set the Fortigate as Active in LACP.
Both can be configured as active.
I'm not sure if I get it right but I think based on the article Ive followed it was set in active, unless I've missed something or other commands needed
Thanks
Jeff
Maybe with a copy of your interface configuration (fortinet and cisco), it will be easier to find this issue..
agreed and cli diagnostic commands will show you what and if you have the LACP aggregate built correct;
(cli)
diag netlink aggregate name <AE interface name>
PCNSE
NSE
StrongSwan
Hi, apologies for the incomplete info. Basically for the cisco switch, yesterday I removed the settings on ports 23 and 24, so I might not be able to post it here but same as the settings on the article I've mentioned above, same config.
https://forum.fortinet.com/tm.aspx?m=106460
int range gi 1/0/1-2 no shut switchport channel-group 10 mode active channel-protocol lacp
As for the Fortinet, below is my config:
FG200D3916802531 # show system interface LINK_TO_CISCO
config system interface
edit "LINK_TO_CISCO"
set vdom "root"
set type aggregate
set member "port15" "port16"
set description "LINK_TO_CISCO"
set snmp-index 8
next
end
Thanks
Jeff
Don't you have this command?
set lacp-mode active
/ N
Did you execute the diagnostic commands? Are you on the master or slave if you have a HA pair? if you have a HA pair , on the slave you need to set the lacp operations"
e.g
config system interface
edit "AE01"
set description "AggrEthernet-to JNPREX01"
set vdom "root"
set type aggregate
set lacp-ha-slave enable
set member "port9" "port10"
next
end
PCNSE
NSE
StrongSwan
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1557 | |
1033 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.