Link to home
Start Free TrialLog in
Avatar of YaYangTeah
YaYangTeahFlag for Malaysia

asked on

stacking switch link to Fortigate HA

We have 2 units Fortigate 101 configure as HA Active-Passive ,both devices port 1 are connected to our one of the internal switch  but recently our switch is faulty and we will planning to buy 2 units stack the switch together to have redundancy.

Please advise to archive this i need to configure aggregation two port and configure POL in switch port ?User generated image
Avatar of skullnobrains
skullnobrains

you can use one lacp agregate per fortinet with both the switches on the opposite side ( the 2 blue links on your schema would be one of them, the 2 orange the other ) which would be the best setup.

without aggregates, you'd need to throw in some spanning tree or make sure the fortinets do not allow traffic to flow from one interface to the other. i recollect there is an option in fortinets when setting up port groups. but anyway the above is much more reliable.
Avatar of YaYangTeah

ASKER

Please help to verify configuration was correct and my Firewall is running on active passive HA mode

FW01 and FW02-port 15 and port 16 reconfigured as aggregated interface

SW01 Gi1/0/47~48 as POL101
SW02 Gi2/0/47~48 as POL101


FW01 port 15 -- SW01 Gi1/0/47
FW01 port 16 -- SW02 Gi2/0/47

FW02 port 15 --SW02 Gi1/0/48
FW02 port 16 --SW02 Gi2/0/48
ASKER CERTIFIED SOLUTION
Avatar of skullnobrains
skullnobrains

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
thanks for the advice ,I forgot stacked switch will form as the on logical switch .

I will configure to two POL .