- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
link aggregation using port 15 and port 16
Hi, I was asked to cascade the port 16 or a Fortigate 200D to a Csico 2960-X L2 switch. Now my boss wants me to have a backup of port 15 in case port 16 goes down. So from ports 15 and 16 going to ports 23-24 of the Cisco 2960-X switch. I followed the following articles for me to link aggregate the 2 ports.
http://kb.fortinet.com/kb/documentLink.do?externalID=FD30542
https://forum.fortinet.com/tm.aspx?m=106460
but in my cisco switch, it still shows that
LACP is currently not enabled on remote ports. Am I imssing something here?
Thanks
Jeff
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Try to set the Fortigate as Active in LACP.
Both can be configured as active.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I'm not sure if I get it right but I think based on the article Ive followed it was set in active, unless I've missed something or other commands needed
Thanks
Jeff
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Maybe with a copy of your interface configuration (fortinet and cisco), it will be easier to find this issue..
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
agreed and cli diagnostic commands will show you what and if you have the LACP aggregate built correct;
(cli)
diag netlink aggregate name <AE interface name>
PCNSE
NSE
StrongSwan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi, apologies for the incomplete info. Basically for the cisco switch, yesterday I removed the settings on ports 23 and 24, so I might not be able to post it here but same as the settings on the article I've mentioned above, same config.
https://forum.fortinet.com/tm.aspx?m=106460
int range gi 1/0/1-2 no shut switchport channel-group 10 mode active channel-protocol lacp
As for the Fortinet, below is my config:
FG200D3916802531 # show system interface LINK_TO_CISCO
config system interface
edit "LINK_TO_CISCO"
set vdom "root"
set type aggregate
set member "port15" "port16"
set description "LINK_TO_CISCO"
set snmp-index 8
next
end
Thanks
Jeff
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Don't you have this command?
set lacp-mode active
/ N
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Did you execute the diagnostic commands? Are you on the master or slave if you have a HA pair? if you have a HA pair , on the slave you need to set the lacp operations"
e.g
config system interface
edit "AE01"
set description "AggrEthernet-to JNPREX01"
set vdom "root"
set type aggregate
set lacp-ha-slave enable
set member "port9" "port10"
next
end
PCNSE
NSE
StrongSwan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content