Hot!How to connect between FG200E and Cisco3850-Cisco2960?

Author
longtran.cntt
New Member
  • Total Posts : 11
  • Scores: 0
  • Reward points: 0
  • Joined: 2019/06/05 05:03:22
  • Status: offline
2020/10/14 20:25:54 (permalink)
0

How to connect between FG200E and Cisco3850-Cisco2960?

Hi all,
 
I'm practicing network, so my question maybe very dump or basic, but I hope you can share your knowledge to help me to improve my skills. I'm very appreciate it. I have a FG200E and switch Cisco 3850, Cisco 2960. I've already configured:
    The VLAN on FG200E (image)The VLAN and trunk on Cisco 3850 (image)The VLAN and trunk/access on Cisco 2960 (image)
The connection topology is FG200E (p18) => (TenGi 1/1/4) Cisco 3850 (TenGi1/1/1) => (Gi 0/50) Cisco 2960 (Gi 0/1) => PC. Now when I connect PC to port g0/1 on Cisco 2960, it can not receive IP from DHCP as configured on FG200E. What thing I should do more to make it work? I mean: connection between FG200E to Cisco 3850 and to Cisco 2960.
    Do I need to create static route/ policy route on FG200E to allow traffic from FG200E to Cisco 3850?Do I need to create IPv4 Policy on FG200E to allow traffic from FG200E to Cisco 3850?

Network Topology
 

VLAN configuration on FG200E
 

VLAN on 3850
 

Trunk on 3850
 

VLAN on 2960


Trunk on 2960
post edited by longtran.cntt - 2020/10/14 20:33:22

Attached Image(s)

#1

4 Replies Related Threads

    Toshi Esumi
    Expert Member
    • Total Posts : 2275
    • Scores: 219
    • Reward points: 0
    • Joined: 2014/11/06 09:56:42
    • Status: offline
    Re: How to connect between FG200E and Cisco3850-Cisco2960? 2020/10/14 21:19:48 (permalink)
    0
    Based on only what you showed, nothing seems to be obviously wrong. So what I can suggest is to sniff packet at vlan 10 at the 200E to see if it's receiving DHCP requests from the PC. If not, something is wrong on either or both Cisco SWs. But if it's showing up, and the FGT is not sending out a reply to the PC, something is wrong on the FGT. My guess is the former.
    #2
    lobstercreed
    Platinum Member
    • Total Posts : 315
    • Scores: 37
    • Reward points: 0
    • Joined: 2018/11/28 14:57:58
    • Location: Sedalia, MO
    • Status: offline
    Re: How to connect between FG200E and Cisco3850-Cisco2960? 2020/10/17 07:11:04 (permalink)
    0
    I definitely second what Toshi said.  Never hesitate to fire up a packet capture. 
     
    Also, a common way to double-check your trunking would be to run show mac address-table vlan 10 on the 2960 to see if the MAC address of the FGT is reaching the 2960 and also run that command on the 3850 to see if the MAC address of the PC is reaching the 3850.  Either one not happening points to something incorrect in your config, though I don't see what it would be at the moment.
    #3
    mauromosc
    New Member
    • Total Posts : 13
    • Scores: 0
    • Reward points: 0
    • Joined: 2020/10/20 01:53:13
    • Status: offline
    Re: How to connect between FG200E and Cisco3850-Cisco2960? 2020/10/20 02:55:24 (permalink)
    0
    Hello, longtran.cntt,
     
    Have you tried to run a packet capture on your FortiGate to check if it receives the DHCP Discover from the workstation? If doesn't receive this packet, review your L2 configuration. If does receive, run a debug:
     
    diagnose debug application dhcps -1
    diag debug enable
     
    Good luck.
    Mauro.
     
     
    #4
    longtran.cntt
    New Member
    • Total Posts : 11
    • Scores: 0
    • Reward points: 0
    • Joined: 2019/06/05 05:03:22
    • Status: offline
    Re: How to connect between FG200E and Cisco3850-Cisco2960? 2020/10/20 09:59:21 (permalink)
    0
    Hi all,
     
    Thank you for your reply. I've found the solution.
     
    The current interface I set for the port 18 is 802ad Aggregate, but I do not setup a LAG on the core switch. After changed it to a normal LAN role interface, it worked.
     
     
    #5
    Jump to:
    © 2020 APG vNext Commercial Version 5.5