Issues to connect LACP on SX6632YF to Fortigate 80F
Hi guys,
Someone can bring me a light?
I've an switch SX6632YF connected to Fortigate 80F and it work if connected directly, but I need to set up LACP mode because we plan to use agreggated ports to get redundancy...But the issue star when I active LACP mode in the interface. I'm setting up the switch by CLI and follwed this steps below to setup LACP in the interfaces... I'm missing something?
Switch#configure
Switch(config)#port-channel load-balance src-dst-mac
Switch(config)#interface range gigabitEthernet 1/0/1-2
Switch(config-if-range)#channel-group 1 mode active
Switch(config-if-range)#lacp port-priority 0
Notes: When I config LACP with another switch, work well.
I already tried to change active and passive side in the switch or in the firewall. When I apply "channel-group 1 mode active or passive" the interface go down and don't get up again....
Have some troubleshoot command about LACP negotiation or even to check if have lacp traffic. If you need any extra information, let me know.
Thank's
Best Regards!
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hey @Clive_A
I found the issue reason...
For anyone who need this information:
I have an Switch with 10G Interfaces, but the fortigate firewall are just 1Gbit interface, so when I connect both, I need to set the interface speed to 1000M in Switch settings, then interface comes up. The problem start when I create a LACP interface and the interface goes down. What you need to do is to set the speed on the new LACP interface instead of hardware interface.
Example how to solve:
Switch(conf)#interface Gi1/0/1
Switch(conf-if)#channel-group 1 mode passive
Switch(conf)#interface port-channel 1
Switch(conf-if)#speed 1000
To check if LACP is UP, you use this command:
Switch(config)# show interface status Po1
In my case, I was using stand alone CLI interface, but you can do it in GUI interface too or in Switch adopt by controller, you just need to overide the LAG interface speed.
Thank's and Best Regards.
- Copy Link
- Report Inappropriate Content
Hi @FafaG
Thanks for posting in our business forum.
Not sure if this is a compatibility issue.
However, for LACP, the up and down status is maintained by the packets. Have you tried to Wireshark and monitor the LACP handshake?
There isn't too much to troubleshoot with LACP/LAG. It should work regardless of the mode but if that's a third-party, we recommend Active vs Passive. Not the same mode. ID and priority are local values. Does not affect the link.
- Copy Link
- Report Inappropriate Content
Hey @Clive_A
I found the issue reason...
For anyone who need this information:
I have an Switch with 10G Interfaces, but the fortigate firewall are just 1Gbit interface, so when I connect both, I need to set the interface speed to 1000M in Switch settings, then interface comes up. The problem start when I create a LACP interface and the interface goes down. What you need to do is to set the speed on the new LACP interface instead of hardware interface.
Example how to solve:
Switch(conf)#interface Gi1/0/1
Switch(conf-if)#channel-group 1 mode passive
Switch(conf)#interface port-channel 1
Switch(conf-if)#speed 1000
To check if LACP is UP, you use this command:
Switch(config)# show interface status Po1
In my case, I was using stand alone CLI interface, but you can do it in GUI interface too or in Switch adopt by controller, you just need to overide the LAG interface speed.
Thank's and Best Regards.
- Copy Link
- Report Inappropriate Content
Hi @FafaG
Thanks for posting in our business forum.
FafaG wrote
Hey @Clive_A
I found the issue reason...
For anyone who need this information:
I have an Switch with 10G Interfaces, but the fortigate firewall are just 1Gbit interface, so when I connect both, I need to set the interface speed to 1000M in Switch settings, then interface comes up. The problem start when I create a LACP interface and the interface goes down. What you need to do is to set the speed on the new LACP interface instead of hardware interface.
Example how to solve:
Switch(conf)#interface Gi1/0/1Switch(conf-if)#channel-group 1 mode passive
Switch(conf)#interface port-channel 1
Switch(conf-if)#speed 1000
To check if LACP is UP, you use this command:
Switch(config)# show interface status Po1
In my case, I was using stand alone CLI interface, but you can do it in GUI interface too or in Switch adopt by controller, you just need to overide the LAG interface speed.
Thank's and Best Regards.
What you need to troubleshoot for a LAG is the speed and duplex.
I thought it was a 10G or they auto negotiate the speed. Usually, that should be fine and not manual.
It could be the compatibility with the port negotiation which fails. But I wonder if you can get a link without LAG before? That'd be strange if it could auto negotiate to 1Gb but failed in LAG.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 107
Replies: 3
Voters 0
No one has voted for it yet.