Hot!F5-LC Active-Standby connected to Fortinet ACTIVE-ACTIVE via Stacked Switches issue

Author
ejuson
New Member
  • Total Posts : 1
  • Scores: 0
  • Reward points: 0
  • Joined: 2017/04/19 20:24:56
  • Status: offline
2017/04/20 00:25:34 (permalink)
0

F5-LC Active-Standby connected to Fortinet ACTIVE-ACTIVE via Stacked Switches issue

Hi Fortinet/F5/Cisco Experts,
here is the setup(disregard interface 1.4 on F5),
F5-LC: active-standby using trunk (LACP) and Tagged and connected fullmesh to the switches Fortinet: active-active and not connected in full-mesh to the switches Stacked Switch with port channels facing F5
Fortinet 1 is connected to Switch1 and Fortinet 2 is connected to switch 2.
Scenario:
Host PC behind the fortinet can access the internet when F5-LC1 is active, but when we perform the failover, and F5-LC2 becomes active, some of the hosts have intermittent connections going to internet and come hosts cannot connect to the internet at all.
Question:
what configuration on switch and fortinet can be added given that fortinet is not connected in full mesh with the switch. Or is it really necessary to connect the fortinet in full mesh with the switch?
I cannot see any config issue with F5.
 
please see network diagram. Note: nevermind the 1.3 interface on F5 and there is a link between stack switches

Attached Image(s)

#1

1 Reply Related Threads

    emnoc
    Expert Member
    • Total Posts : 4215
    • Scores: 237
    • Reward points: 0
    • Joined: 2008/03/20 13:30:33
    • Status: offline
    Re: F5-LC Active-Standby connected to Fortinet ACTIVE-ACTIVE via Stacked Switches issue 2017/04/20 08:42:50 (permalink)
    0
    So on the  two switches, Are you 100% sure the ports are configure correct and the same? When you fail from the traffice-grp1 active--->standby  have you dumped on  the interface 1.Xs to see if traffic is exiting  the F5?
     
    Is it save to assume the f5 are  using a floating-ip? Are hosts with intermittent access , are they nailed to the former Active ?

    PCNSE6,PCNSE7, ACE, CCNP,FCNSP,FCESP,Linux+,CEH,ECSA,SCSA,SCNA,CISCA email/web
    #2
    Jump to:
    © 2017 APG vNext Commercial Version 5.5