Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
dancarlton
New Contributor

Created on ‎01-14-2022 08:23 AM

Trunking FortiSwitch to Cisco Switch

Having issues connecting 2 Cisco Switches to standalone managed FortiSwitches.

 

See diagram below.

 

Drawing3.png

 

The Cisco switches are running rapid-pvst.


When we connect these up, the ports go into error-disabled.

 

I believe we are running into STP issues because the FortiSwitches are using MST. I tried to configure rpvst-port on the mclag interface to the Cisco switches, but since we are using way more than 16 VLANs, you cannot.

 

Any insight into getting this connectivity to function would be appreciated.

Labels:
7266
3 REPLIES 3
Anonymous
Not applicable

Created on ‎01-17-2022 01:54 PM

Hello,

 

As per the query you have addressed you can use the link mentioned below 

 

Inter-operability with rapid Per-VLAN Spanning Tree plus (PVST+) can be enabled per port on managed FortiSwitch devices. It is disabled by default.

 

https://docs.fortinet.com/document/fortigate/6.4.0/new-features/499186/inter-operability-with-per-in...

 

https://docs.fortinet.com/document/fortiswitch/7.0.1/administration-guide/364618/support-for-interop...

7222
fp1
New Contributor II

Created on ‎01-19-2024 07:52 AM Edited on ‎01-19-2024 09:07 AM

Be aware of the limit of  the ussage of 15 Vlans + Native Vlan (untagged) if you are configure interoperabity to Pvst+. 

 

e.g. 

   edit "port3"
                set rpvst-port enable

 

We are working at the same issue with MST. It is not possible to configure the default (Region name = NULL and Revsion number=0) at Cisco side. At fortinet side, it is  not possible to set vlan-range at instance 0 !!!! Try to define a new region name with a new revison number. Think about to create 2 Instances analog to Fortigate Defaults (Instance 0 = Vlan 1-4093 and Instance 15 = Vlan 4093). Hope thats help you. Be aware that regio name and revision number have to be the same, between Cisco and Fortigate. 

 

Also to discuss: MST Configuration Digest - is the algorithm the same between Cisco and Fortigate ? How knows.

 

config switch stp instance
edit "0"

!  set vlan-range ! not possible

 

config switch stp instance
edit "15"

set vlan-range 4094

 

set vlan-range
<vlan_map> single vlans or ranges of vlans separated by commas(no whitespace)
e.g. 1,3-4,6,7,9-100
The vlan_map configuration entered must be less than 4096 characters.

 

1040
koleina
New Contributor

Created on ‎01-24-2024 06:39 AM Edited on ‎01-27-2024 09:08 AM

Hello,

 

As per the query you have addressed you can use the link mentioned below

 

Inter-operability with rapid Per-VLAN Spanning Tree plus (PVST+) can be enabled per port on managed Forti Switch devices. It is disabled by default. Welcome to the fantastic world of low burst fade haircuts! If you’re looking for a fresh, edgy look, you’re in the right place. We’re excited to introduce you to a range of styles that are sure to turn heads.

BFH
BFH
980
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.