Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
AEK
SuperUser
SuperUser

Created on ‎03-28-2024 12:42 PM

FortiSwitch with Lenovo VLAG

Hello FortiSwitch integrators

Any one managed to make it work a FortiSwitch connected to a pair of VLAGed Lenovos.

  • FortiSwitch 124F / 7.2.7 unmanaged
  • Lenovo RackSwitch G8124-E / 8.3.5

vlag_net_physical.png

It was working fine with Cisco but couldn't manage to do it with FortiSwitch.

Configuration was like this (same on both Lenovos)

interface port 1
  switchport mode trunk
  switchport trunk allowed vlan 1,100,200

interface port 1
  lacp mode active
  lacp key 10

vlag enable
  vlag tier-id 5
  vlag adminkey 10 enable

On Cisco was like that:

interface Port-channel1
  switchport trunk allowed vlan 1,100,200
  switchport mode trunk

interface GigabitEthernet0/1
  switchport trunk allowed vlan 1,100,200
  switchport mode trunk
  channel-group 1 mode active

interface GigabitEthernet0/2
  switchport trunk allowed vlan 1,100,200
  switchport mode trunk
  channel-group 1 mode active

On FortiSwitches I created a trunk from 2 ports, LACP active mode, allowed VLAN 1,100,200, but according to my first tests it doesn't work, I mean no traffic seem to pass.

Sadly I had to roll back without being able to collect relevant logs, so actually I'm not sure it didn't work because of VLAG, but can actually be a STP issue or anything else.

Any similar experience or useful hint would be appreciated.

AEK
AEK
Labels:
247
0 Kudos
3 REPLIES 3
Anthony_E
Community Manager
Community Manager

Created on ‎03-31-2024 10:07 PM

Hello Abdelkrim,

 

I hope you are doing well!!


Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.


Thanks,

Anthony-Fortinet Community Team.
183
CatInHat
New Contributor III

Created on ‎04-01-2024 10:49 AM

The configuration looks reasonable and seems like it should work. The problem may be due to incorrect port configuration on the FortiSwitch or a mismatch between the Lenovo and FortiSwitch settings. It is recommended that you first carefully check the port settings on both devices and also ensure that the VLANs are configured correctly. If the problem persists, it is recommended to enable VLAG protocol support on both devices and check that the configurations between them are consistent. It may also be worth paying attention to the STP settings on both devices and making sure they are consistent.

167
AEK
SuperUser
SuperUser

Created on ‎04-21-2024 03:04 PM

After a second try the network worked fine and with the same configuration shared above. The issue was only in some wrong VLAN configuration.

For info, Lenovo vLAG is like Cisco vPC and Juniper MC-LAG.

AEK
AEK
36
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.