This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Lagging between Fortinet and Extreme SSA

Lagging between Fortinet and Extreme SSA

Thomas_Maddox
New Contributor

‎12-29-2015 04:32 PM

We currently have a pair of Fortinet 1500D the have the internal port(s) connected to a C3 stack. I would like to take it off the stack and connect it to the SSA-T1068 at the top of the network for our central office. Last night I attempted to do so while upgrading some other switches. Let's say I was not very successful. Has anyone else encountered problems with Fortinet/Extreme interoperability? I am new to Extreme and any assistance would be very helpful.

0 Kudos
15 REPLIES 15

Ryan_Mathews
Extreme Employee
In response to Thomas_Maddox

‎01-11-2016 04:59 PM

Thanks for keeping the Community informed as you go. Good stuff!
0 Kudos

Thomas_Maddox
New Contributor

‎01-04-2016 02:21 PM

I am going to contact GTAC and get a case opened. I'll post the outcome here.

0 Kudos

Jeremy_Gibbs
Contributor

‎12-30-2015 03:08 PM

I still have a 1000A and an SSA laying around.. I'm going to try this..
0 Kudos

Thomas_Maddox
New Contributor

‎12-30-2015 03:01 PM

I double checked the ports status in the stack that the Fortinets are connected to. It did not form a Dynamic Lag as previously thought, even though dynamic lagging is on in the stack. The port type shows as "access" as the other lags are "interswitch". This is coming from Oneveiw.
0 Kudos

Paul_Poyant
New Contributor III

‎12-29-2015 09:15 PM

If you are saying that the other end of the LAG attaches to two separate devices, in that event you'll get two separate LAGs rather than an EXOS "Multi-LAG" which is not supported on the S-Series. However, here I've already seen that singleportlag is disabled and only two ports are in use for this LAG.

"
code:
We have a pair of 1500D's in an active cluster. I was taking one cable from each and connecting it to the SSA.
"

If this is what you are referring to here regarding "two devices", then if it worked as a Dynamic LAG to a SecureStack standalone or stack then it should work to a SSA as well. However, I am not familiar with how such a cluster would support a Dynamic LAG in a connection to another Fortinet or to a third-party peer device such as a SecureStack or S-Series.

If Spanning Tree remains enabled on the LAG aggregator and underlying ports, then yes, it should kick in to stop any detected loop regardless of whether or not one or more LAGs have formed - as long as BPDUs aren't being filtered within the path of the data loop.
0 Kudos
GTM-P2G8KFN