Cisco fortigate lacp. Set to Static for static aggregation.

Cisco fortigate lacp Do you have the available interfaces on the FortiGate to configure as second LACP Group? 1 to Cisco, 1 to Aruba? Even if you had to pull away some of your redundant interfaces to create a second LACP Group for the duration of the migration. during a firmware update, the LACP port to the Cisco switch goes offline for 1 min or longer. edit "LAN" set vdom "root" set allowaccess ping set type aggregate set member "port2" "port3" set role lan set snmp-index 12 set lacp-mode static . It's a For the mode, select Static, LACP Active, LACP Passive, or Fortinet Trunk. We're looking at possible spanning-tree issues, but also best practice guides on the Cisco side for VPC's. Kiểm tra trên switch Cisco, ta sử dụng câu lệnh show etherchannel summary. Here, you've told the Cisco LACP/Switchport trunk to transmit VLAN#10 as untagged on that LACP Trunk. Simple misunderstanding that caught me up too: So on the Fortinet side, you need to specify a the matching native/untagged ("Native") VLAN for the LACP LAG/Channel for your Layer3 interface. We have two firewall and we have 4 leaves (2 per site) in the topology. I currently have etherchannel configured to 2x 10g ports. R 1 name fortilink status down algorithm L4 lacp-mode active 2 name to-Cisco status down algorithm L4 lacp-mode active. feature lacp. After checking this new issue, looks like nothing on the Cisco 3750 switch can talk to the FortiGate firewall 1 name fortilink status down algorithm L4 lacp-mode active 2 name to-Cisco status down algorithm L4 lacp-mode active. at that time connectity lost between fortigate firewall and cisco switches Hello teams, we have a cluster of Fortigate. So i need to connect a FW in each site. I connect it to a Cisco switch and test. Solution The scenario is described as follows: An aggregate link (LACP) is configured on both devices acting one as Primary and the other one as Secondary (Active - Passive mode). It didn't load share! Hello, I would like to know if some of you have a recommendation for a configuration between a Cisco switch port-channel and a Fortigate Agg FortiOS5 On my Cisco configuration I' ve used this for the physical interfaces channel-group 1 mode active switchport nonegotiate On the Fortigate I have edit " Agg1" set vdom " root" set type aggregate set Hi guys, i have an extrange issue with some port channels on my cisco 9300 series (stack with 4 members). Fortigate Confi: edit "aggregate" set vdom "root" set allowaccess https ssh set type aggregate set member "port1" "port2" set alias "LAG1-2" set snmp-index 12set lacp-speed slow next Cisco side: So your sw1's port-channel(if Cisco) works always 1Gig, not 2Gig. The FortiGate should just analyze the traffic and should be transparent for the Cisco's. This works so far except for LACP. 1 (vlan 30) The Cisco core switch has virtual interfaces for each VLAN: Cấu hình LACP giữa Fortigate và Switch Cisco. Initial troubleshooting steps for LACP (Link Aggregation - 802. 1): I would recommend against changing the native VLAN as doing otherwise can hit a number of Cisco LACP bugs that result in LACP PDUs being tagged LACP fortigate - Cisco switch I have configured LACP link (2 port) on Cisco 3560 and FG310B, everything seem be fine, but when I put traffic on this LACP link, traffic just rided on one physical link, when I shutdown one port of LACP, traffic switch to another. Set to Active LACP to actively use LACP to negotiate 802. 0 255. Channel group 1 neighbors. Don't put the ports of both FortiGate units in one LACP group on the switch. So far the below is working (i can ping from Cisco 192. Set to Static for static aggregation. I am working with support and Cisco support, but I wanted to ask if others have gotten this working. This way, one switch could fail without forcing the FGT to fail over, just reducing bandwidth. HA doesn't fail-over L2 protocols like LACP. 10. feature inter-vlan . In contrast I´ve applied this topology using only one Fortigate and the redundancy is obtained (check the second topology). if=to-Cisco family=00 type=1 index=19 mtu=1500 link=0 master=0 ref=21 state=start present no_carrier fw_flags=8800 flags=up broadcast master multicast Hello, we have LACP with two port on each of two nodes of A-A cluster configured. I swear I've used this same configuration in the past and it worked, but it isn't working now. 1 The LACP fallback mode is useful if you have a preboot execution I am trying to setup a LAG between a Fortigate 1200D cluster and a two Cisco Nexus switches. 3ad) Labels: FortiGate; 50096 1 Kudo Suggest New You can have all Fortigate ports going to the same switch LAG, but you need set lacp-ha-slave disable on the standby unit so it doesn't actively try to form LACP while the active unit is also doing LACP. But I do not get the aggregation online. Our setup looks as following: On the switch we see that the fortigate doesn't send any LACP packets: switch1# show lacp counters. We have a smaller swtiches from cisco (SG500) and we were able to configure LACP in no time. 0 set allowaccess ping set type aggregate set member "port2" "port3" set device-identification enable Hello, I would like to know if some of you have a recommendation for a configuration between a Cisco switch port-channel and a Fortigate Agg FortiOS5 On my Cisco configuration I' ve used this for the physical interfaces channel-group 1 mode active switchport nonegotiate On the Fortigate I have edit " Agg1" set vdom " root" set type aggregate set Hello, I would like to know if some of you have a recommendation for a configuration between a Cisco switch port-channel and a Fortigate Agg FortiOS5 On my Cisco configuration I' ve used this for the physical interfaces channel-group 1 mode active switchport nonegotiate On the Fortigate I have edit " Agg1" set vdom " root" set type aggregate set 1 name fortilink status down algorithm L4 lacp-mode active 2 name to-Cisco status down algorithm L4 lacp-mode active. Cisco ME 1200 Series Carrier Ethernet Access Devices NID Configuration Guide, Cisco IOS 15. 5 with Cisco Switch Reference: Deploying MCLAG topologies | FortiSwitch 7. Note: For version 7. In some heavy network traffic days ( three times in six months ) Both of two LACP links to Cisco NX gets blocked. If you are creating an aggregate between two FortiGate units, you can turn LACP off (lacp-mode static). There are 2 sites, but connected directly by a pair of fibers. You have to have two GigE connections go in both FG1 and FT2 to do regular LACP. I am thinking that LACP flapping occurs. FortiGate Site: FGT1 (LACP-CORE) # show config system interface edit "LACP-CORE" set vdom "root" set type aggregate set I'm trying to create a LAG between a virtual fortigate appliance and two 3650 cisco switches. The FortiSwitch unit supports LACP in active and passive modes. x. HA with 802. Connec For the mode, select Static, LACP Active, LACP Passive, or Fortinet Trunk. Each device is connected with LACP on 2 Nexus in VPC (3524-10GX). 1 (vlan 20), x. 3ad aggregation. I have setup the routing policy, Firewall, and aggregate links on the Fortigate. I have a port channel (4 interfaces) betwenn a Cisco and a Fortinet D500 (firewall) and the issues is this: when i have the four interfaces connected working fine with the port channel up and i unplug one of the interfaces to test the resiliency and connecti this Hi, As you are creating layer 3 LACP on Fortigate which is untagged, you should configure "switchport mode access" at Cisco side. The other way After that both side configure LACP Ether channel. As a matter of fact, when you connect Nexus 2ks to 5ks or 7ks active/active should be configured. Here is an example of one Port: Here, you've told the Cisco LACP/Switchport trunk to transmit VLAN#10 as untagged on that LACP Trunk. Hello everyone! I have seen some forums about that, but im not clear about de topology when i have 2 FW in active/standby. Mô hình: Yêu cầu: - Cấu hình LACP giữa FGT và switch Cisco - Tạo interface vlan 100 với IP như quy hoạch để làm gateway cho các PC phía dưới (thuộc vlan 100) Trên switch cisco khai LACP: On FortiGate 5. Interfaces still appear in the CLI although configuration This setup has 2 x Fortigate 100Ds (FG1, FG2) and 2 x Cisco 2960X switches (SW1, SW2) will be added as expansion because Fortigates ran out of free switch ports. Cisco Switch . 4. then assigned these port to subinterface. 1 name fortilink status down algorithm L4 lacp-mode active 2 name to-Cisco status down algorithm L4 lacp-mode active. I am having issues with an LACP port channel coming up on the Fortigate VM and Cisco switch in GNS3. 5 with Cisco Switchmore For LAG control, the FortiSwitch unit supports the industry-standard Link Aggregation Control Protocol (LACP). The Cisco Nexus 3000 switch requires four LACP groups, one for each of the FortiController LACP groups. Difference Between CatOS and Cisco IOS System Software. If your FortiGate unit is connecting to a non-FortiGate device, you will need LACP enabled to negotiate the link connections. Each node in FG Cluster configured with their own ether channel. On the Nexus switches there is a command lacp suspend-individual (see lacp suspend-individual) within the port-channel interface context that controls what should happen to an "I" port. 1. Can you please help in this case. interface Port-channel 30 switchport access vlan x switchport mode access interface GigabitEthernet1/0/12 switchport trunk allowed vlan x switchport mode access cha You can not configure LACP on Cisco with 2 different Fortigate devices. The FortiGate Connector for Cisco ACI is a device package that contains XML metadata describing Fortinet’s security services and can be easily uploaded to the Cisco APIC controller. edit <trunk name> set aggregator-mode {bandwidth | count} set description <description_string> set members <ports> set mode {lacp-active | lacp-passive | static} Trying to get a trunk built between a Cisco Catalyst switch and a Forigate 100F using two 10G links in an LCAP link-aggregation configuration. 0(3)I7(9) with a Fortigate 300D running it's ports in an 802. 1 (default), x. It's a pretty basic LACP config on the Cisco side that I have done with other Cisco switches and Palo Alto firewalls and never had an issue with before. When it comes to LACP, each unit must have its own LACP bundle on the switch. If you have multiple VLANs span on FortiGate, you should modify the FortiGate's interface In this video I show you how I configure LACP on a FortiGate 60E. 255 area 0 passive default no passive " interface connected to FGT 802. It's slower to failover though as the standby then needs to start up its LACP negotiation, the recommended design is a LAG per FG The cluster includes two FortiGate-5000 chassis. Our setup looks as following: I know this setup is a little bit uncommon because normally you would connect the fortigates to both switches but because of li I would like to set up my network with LACP protocol between fortigate and cisco switch. On the other side, they are connected with LACP on 1 Catalyst C4500. 1 (vlan10), x. 2. 20. How to Setup Link #Aggregation LACP on #FortiGate #Firewall v7. interface Port-channel 30 switchport access vlan x switchport mode access interface GigabitEthernet1/0/12 switchport trunk allowed vlan x switchport mode access channel-group 30 mode active 1 name fortilink status down algorithm L4 lacp-mode active 2 name to-Cisco status down algorithm L4 lacp-mode active. It didn't load share! By Roel van Wanrooy 13/09/2019 #fortinet, #fortigate, #fortiswitch, #lacp, #port-channel, #cisco configure a LACP Port-Channel between FortiSwitch and Cisco Switch I recently had to configure a LACP port-channel between two FortiSwitches and a stack of two Cisco switches. In active I'm trying to LACP trunk a pair of Nexus3000 C3064PQ Chassis running 7. So each chassis has two LACP groups. Config onFortigate. if=to-Cisco family=00 type=1 index=19 mtu=1500 link=0 master=0 ref=21 state=start present no_carrier fw_flags=8800 flags=up broadcast master multicast Both the physical interfaces and the aggregate interface are showing as up on the Fortigate but the Cisco side is showing the etherchannel and physical ports as not connected. Link Aggregation Control Protocol (LACP) is now supported on FortiGate and FortiWiFi 90E, 80E, 60E, 50E, and 30E devices. It might re-establish a new LACP neighboring with FG2 when FG1 goes down in your set up. Configuring FortiGate LAN extension the GUI 7. Kết quả trả về Po1 hiển thị SU là đã kết nối link LACP thành công. This is because interfaces on passive device are not active and fortigate uses a virtual mac address that is managed by active member. On the Nexus, we have ESX servers, 3 on side A, 2 on side B, connected on etherchannel with vpc. 3ad aggregate. For some reason, the Cisco switches are showing the WAN2 ports on 4 of the pairs as not sending LACP traffic. The method Cisco uses is similar to the Fortinet method of reporting this feature. 3ad aggregate interfaces 'Link aggregation, HA failover performance, and HA mode'. created policy as per the sub interface, in the policy you can I have a issue configuring LACP between cisco 3850 and fortigate 100D. The LACP interface configured directly with an IP address (no vlans) and is linked to a number of address and policy elements. 6, I've currently got 2 1G ports linked in a LACP aggregate team to a Cisco switch. And yes, I admit the 80E is no burner with a max of 4 Gbps, but I've seen a lot of VLANs not utilizing nearly as much bandwidth as physically provided. LACP facilitates the Note: By default, when an LACP channel is configured, the LACP channel mode is passive. It didn't load share! There is no issue with running LACP as active/active. If you configure LACP on FortiGate you have to consider a point. edit <trunk name> set aggregator-mode {bandwidth | count} set description <description_string> set members <ports> Link aggregation uses the standard LACP protocol which (even) Cisco supports. Since the FortiGate is in HA the same config will get synced with Here is the full configuration road map at FortiGate FW and cisco switch. Both the physical interfaces and the aggregate interface are showing as up on the Fortigate but the Cisco side is showing the etherchannel and physical ports as not connected. The LACP link comes up but This instruction describes the configuration of a LACP Port-Channel between FortiSwitch and Cisco managed by a FortiGate As you are creating layer 3 LACP on Fortigate which is untagged, you should configure "switchport mode access" at Cisco side. 1 onwards, lacp-ha-slave has been replaced with lacp-ha-secondary. 6. I configured both side active -active LACP after that its working perfect . if=to-Cisco family=00 type=1 index=19 mtu=1500 link=0 master=0 ref=21 state=start present no_carrier fw_flags=8800 flags=up broadcast master multicast Như vậy là chúng ta đã cấu hình xong LACP trên cả firewall Fortigate và switch Cisco. LACP port Admin Oper Port Port Port Flags Priority Dev ID Age key Key are you trying to connecting lacp between the 2 6500s in the vss setup or are you connecting to another switch ? If its between the 2 6500s in vss the port-channel needs to have switch virtual link set under it For the mode, select Static, Passive LACP, or Active LACP. In this mode, no control messages are sent, and received control messages are ignored. If the optional IPSec VPN between a FortiGate and a Cisco ASA with multiple subnets Remote access FortiGate as dialup client It is not one of the FortiGate-5000 series backplane interfaces. interface eth 1/48(for keep alive) fortigate uses channel group between all the ports (single channel group oh here is the LACP diags on the Cisco, not sure how to do the same for Fortigate SW1#sh lacp neighbor Flags: S - Device is requesting Slow LACPDUs F - Device is requesting Fast LACPDUs A - Device is in Active mode P - Device is in Passive mode. Learn how to configure Link Aggregation Control Protocol (LACP) on FortiGate and Cisco switches in this video tutorial. 2 | Fortinet Document Library . g. Kiểm tra cấu hình. Add the required ports to the Included list. LACP port Admin Oper Port Port Port Flags Priority Dev ID Age key Key has anyone build a setup where you can transport LACP transparent over a FortiGate? Our Setup is that the FortiGate will be installed between two Cisco devices which have configured LACP. EDGE1 EDGE2 \ / \ / \ / Fortigate . I noticed that etherchannel haves different aggregator ID on Fortigate and act as secondary aggregator also on Cisco (6509E). LACP fortigate - Cisco switch I have configured LACP link (2 port) on Cisco 3560 and FG310B, everything seem be fine, but when I put traffic on this LACP link, traffic just rided on one physical link, when I shutdown one port of LACP, traffic switch to another. The aggregate link is comprised of the primary's de 1 name fortilink status down algorithm L4 lacp-mode active 2 name to-Cisco status down algorithm L4 lacp-mode active. diag netlink interface list to-Cisco. LACP configuration on FortiGate Side: set member "x2" "x1" --> Here it is selected X1, X2 port to be part of LAG. I am new to Cisco nexus switch and as of now i have simple question for connection with layer 2 uplink (firewall): our Scenario is we have two c9000 series and we have two fortigate. 30. Here is the configuration on the Fortigate: oh here is the LACP diags on the Cisco, not sure how to do the same for Fortigate SW1#sh lacp neighbor Flags: S - Device is requesting Slow LACPDUs F - Device is requesting Fast LACPDUs A - Device is in Active mode P - Device is in Passive mode. If I want connect new nexus switches to fortigates, do i need to use access port or trunk port. We have almost 30 plus VLANs configured in new switches. It didn't load share! How to Setup Link #Aggregation LACP on #FortiGate #Firewall v7. 2 and get replies from the Fortinet 192. 168. 1 Process Ethernet frames with Cisco Security Group Tag and VLAN tag Support port block allocation for NAT64 Support refreshing active sessions for specific protocols and port ranges per VDOM in a specified direction 7. Both nodes set as passive will not work and having static it's Hi, I am trying to setup a LAG between a Fortigate 1200D cluster and a two Cisco Nexus switches. Trying to get a trunk built between a Cisco Catalyst switch and a Forigate 100F using two 10G links in an LCAP link-aggregation configuration. interface Ethernet0/2 switchport trunk encapsulation The LACP conformed from the perspective of IOS cisco is correct: LACP conformed and each link member is grouped without any problem. The LACP link comes up but the VLAN communication does not work. This joint solution streamlines traffic to supported FortiGate appliances and assigns security policies on command for data center workloads. 1Q tag SVI or gi x/x/x " end Keep your static route on the cisco pointing Hello all, We have a customer who is trying to create a 2 gig ports Port-Channel with our router and the LACP is not working. 1. Using the CLI: config switch trunk. 2 HA active/passive configured as follows in over 10 physical locations: Fortinet WAN1 and WAN2 ports in 802. LACP is a standard protocol (802. 4. If you do the setup as your design, oh here is the LACP diags on the Cisco, not sure how to do the same for Fortigate SW1#sh lacp neighbor Flags: S - Device is requesting Slow LACPDUs F - Device is requesting Fast LACPDUs A - Device is in Active mode P - Device is in Passive mode. On switch 2 both ports come up fine (P/P) but on switch 1 I get (P/s) Hi, As you are creating layer 3 LACP on Fortigate which is untagged, you should configure "switchport mode access" at Cisco side. I'm fairly new to FortiGate and I'm in the process of configuring an 80F to replace a Cisco RV320 router. Created aggrate interface port3 & port 4. edit "LAN" set vdom "root" set allowaccess ping set type aggregate set member "port2" "port3" set role lan set snmp-index 12 set lacp-mode static Cisco Switch interface Ethernet0/2 switchport trunk encapsulation En este lab realizamos una configuración de LACP (Link Aggregation), entre un FortiGate físico y un Switch Cisco. When an interface is included in an aggregate interface, it is not listed on the Network > Interfaces page. LACP port Admin Oper Port Port Port Flags Priority Dev ID Age key Key Fortigate and Cisco switch LACP not working Hi! I am testing topology where fortigate connected to switch. Para pasar tráfico de multiples VLANs, y pr 1st nice layout diagram , a picture says a thousand words What I would do and have done this in the setup you provided, enable ospf on all layer3 interfaces of the 3750 config t router ospf 10 network 0. 1 255. Tiếp theo ta tiến hành bước kiểm tra. if=to-Cisco family=00 type=1 index=19 mtu=1500 link=0 master=0 ref=21 state=start present no_carrier fw_flags=8800 flags=up broadcast master multicast It's not mandatory to match but it should work with both nodes being active (maybe Cisco doesn't like the Fortinet LACP PDU), anyway having one side configured as active does the job fully since it still puts the problematic port immediately down and not cause any packet drops. LACP port Admin Oper Port Port Port Flags Priority Dev ID Age key Key LACP fortigate - Cisco switch I have configured LACP link (2 port) on Cisco 3560 and FG310B, everything seem be fine, but when I put traffic on this LACP link, traffic just rided on one physical link, when I shutdown one port of LACP, traffic switch to another. I have Fortigate 200E and 100D pairs running 5. 3ad) - you should not have any issues building those 1:1 links. I am trying to setup a LACP connection from 2 clustered Fortigate 201F FW to two stacked Cisco 9300x24Y switches via (4) 10 Gb SFP+ direct attach data storage cables as seen below. whenever the FortiGate makes a failover, e. My config as below: Fortigate: command: show system interface result (For my LACP interface): edit "GNET" set vdom "root" set ip 20. . I also show how to configure LACP on a UniFi switch. The VPC on the Cisco side fails, saying "vpc port channel mis-config due to vpc links in the 2 switches connected to different partners". If you do the setup as your design, FortiGate will detect different switches on the ports, and one of the ports will work and the other will not. To create a link aggregation interface in the GUI: Go to It's not mandatory to match but it should work with both nodes being active (maybe Cisco doesn't like the Fortinet LACP PDU), anyway having one side configured as active does the job fully since it still puts the problematic port immediately down and not cause any packet drops. FortiGate Aggregate Config. if=to-Cisco family=00 type=1 index=19 mtu=1500 link=0 master=0 ref=21 state=start present no_carrier fw_flags=8800 flags=up broadcast master multicast LACP support on entry-level E-series devices 6. 0. These are 10G fiber connections. The stack acts just like one single switch, even for LACP trunks. From the admin desk In this video I show you how I configure LACP on a FortiGate 60E. When we force the mode ON on both sides of the port-channel it works and we have connectivity but as soon as we change the mode to LACP (channel-group 1 mode active) it doe Hi Everyone, We have two nexus 9K switches need to connect to FORTIGATE Firewall (HA-Active and standby). 255. I also show how to configure LACP on a UniFi switc We have a Cisco 6807-XL that has four 1gb fiber connections to a Fortigate firewall that is not coming up. NOTE: Clear lacp counters to get accurate statistics I am setting up a 2 ethernet trunk between a Cisco switch and Fortinet 100E firewall. FGT100D-HA1 (root) # diag n Learn how to configure Link Aggregation Control Protocol (LACP) on FortiGate and Cisco switches in this video tutorial. We are wanting to migrate to a single 10G link via a different switch with as little disruption as possible. Set to Passive LACP to passively use LACP to negotiate 802. On the Nexus 7000 switches this is enabled by default and so an I port will become suspended. Apart from the trunk speed If you configure LACP on FortiGate you have to consider a point. Fortinet-201F-Primary (CORE-UPLINK) # show Hi! I am testing topology where fortigate connected to switch. Both nodes set as passive will not work and having static it's 以下のようなネットワーク構成を考えます。FortiGate の internal1 と internal2 は内部側のスイッチ（Cisco Catalyst）と物理接続されています。FortiGate とスイッチの間でこの2リンクを使用してリンクアグリゲーション the behavior of LACP in an HA cluster. It is also enough to unplug one cable from the LACP for there to be a failure. Cat_6509#sh run int ten8/1 Building configuration Current configuration : 156 bytes ! interface TenGigabitEthernet8/1 switchport switchport mode trunk channel-group 42 mode desirable end Cat_6509#sh run int ten9/1 Building configuration If you configure LACP on FortiGate you have to consider a point. 6(1)SN and Later Releases -Configuring Link Aggregation Control Protocol (LACP) LACP is defined in IEEE 802. 2. Select Create. You should add them to two different groups. CatOS on the Supervisor Engine and Cisco IOS Software on the MSFC (Hybrid): a CatOS image can be used as the system software to run the Supervisor Engine on Catalyst 6500/6000 switches. 3ad standard and enables Cisco switches to manage Ethernet channels between switches that conform to the standard. But when custoemer reboot firewall device one of cisco port went to supspend state after reset this port will be in Present mode. Topology is as below: (VLAN A, B) FG1 <== HA1 Port (Trunks VLANs A, B) ==> FG2 (VLAN A, B) Hosts on FG1's switch ports are able to access to hosts on FG2's switch ports. The 2 lines in a LACP trunk terminate on 2 different chassis in the stack. Solved: Hi I have a Cisco Nexus 7000 dual homed to a pair of Hello, We have a Fortigate 1100 connected to a Cisco NX-3548 with 2 LACP links for WAN internet access . conf t. In active/passive active side negotiate and the passive side minimizes transmission of LACP packets (less noise). Scope FortiGate in HA. The RV320 has 4 sub-interfaces tagged with their respective VLANs: - x. 3ad aggregate connected to Cisco 3850 switches. if=to-Cisco family=00 type=1 index=19 mtu=1500 link=0 master=0 ref=21 state=start present no_carrier fw_flags=8800 flags=up broadcast master multicast oh here is the LACP diags on the Cisco, not sure how to do the same for Fortigate SW1#sh lacp neighbor Flags: S - Device is requesting Slow LACPDUs F - Device is requesting Fast LACPDUs A - Device is in Active mode P - Device is in Passive mode. there is no clear information available on how to do this. by HaiNguyen -IT | 06/01/2023 | Lượt xem: 6986. Then when FG1 goes down the SW1 can failover the 2Gig to FG2. To support We've connected my customer's 1500D cluster cross-wise to a HPE switch stack, using 2x 2port LACP trunks. My configuration works correctly singularly however, when i try and aggregate the ports, i get the following LACP Gi0/1(P) EDGE1# Number of channel-groups in use: 1 Number of aggregators: 1 FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic. fai dzpjvs wjkjlkvt umegtm qihg xpvb dygsg udys ydaiae kcw gsod nypz sbkpe pdntom fnyunul