Cannot make uplink to FortiGate VLANs working.

Cannot make uplink to FortiGate VLANs working.

Cannot make uplink to FortiGate VLANs working.
Cannot make uplink to FortiGate VLANs working.
2 weeks ago
Model: TL-SG108PE  
Hardware Version: V5
Firmware Version: 20230218

Hi!

Please help, I'm out of ideas.
I have a FortiGate UTM with VLANs on ports 1,2 (LAG) and I want to connect Access Points primarily through a TL-SG108PE switch. I connect a computer for testing and in no case am I able to connect to any of the networks.
The network diagram is as simple as it gets:



 

This setup worked very well for me on a Cisco sg350x switch, which I want to replace with a smaller switch because we are getting rid of the cables.

I'm adding the configuration from Cisco, which works correctly (here the uplink port is 1).


What could be the problem?

  0      
  0      
#1
Options
4 Reply
Re:Cannot make uplink to FortiGate VLANs working.
2 weeks ago

Hi @mjrstefan 

Thanks for posting in our business forum.

8 is the uplink?

I reviewed the switch and the config looks good to me.

 

What's the setting on the FG? The interfaces included in the LAG and they are tagged on 1 and 2 ports?

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  1  
  1  
#2
Options
Re:Cannot make uplink to FortiGate VLANs working.
2 weeks ago

Hi @Clive_A!

Thanks for your response.

Yes, port 8 on the TL-SG108PE is the uplink to the FG.

On the FG, ports 1 and 2 are combined in LAG1 to which all VLANs are assigned. When taking this screenshot, I have the TP-Link plugged into port 1, and Cisco is plugged into port 2, and on the latter, the network works as expected. However, on the TP-Link, I am not getting an IP address from DHCP - neither on untagged port 5 VLAN 100 nor on 7 VLAN 254. Even if I set the addresses manually, I cannot connect to the gateway.

I'm a bit confused and I don't know what to do next.

Do you have any ideas on how to carry out further diagnostics, what else could I check?

  0  
  0  
#3
Options
Re:Cannot make uplink to FortiGate VLANs working.
2 weeks ago

Hi @mjrstefan 

Thanks for posting in our business forum.

mjrstefan wrote

Hi @Clive_A!

Thanks for your response.

Yes, port 8 on the TL-SG108PE is the uplink to the FG.

On the FG, ports 1 and 2 are combined in LAG1 to which all VLANs are assigned. When taking this screenshot, I have the TP-Link plugged into port 1, and Cisco is plugged into port 2, and on the latter, the network works as expected. However, on the TP-Link, I am not getting an IP address from DHCP - neither on untagged port 5 VLAN 100 nor on 7 VLAN 254. Even if I set the addresses manually, I cannot connect to the gateway.

I'm a bit confused and I don't know what to do next.

Do you have any ideas on how to carry out further diagnostics, what else could I check?

Strange enough.

Can you Wireshark to see how the VLAN works on the uplink 8?

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  0  
  0  
#4
Options
Re:Cannot make uplink to FortiGate VLANs working.
a week ago

Hi @Clive_A 

I am not sure what we want to observe, so I have captured 3 scenarios:
1. uplink on port 8 connected to UTM & connected laptop with wireshark to port 5
2. uplink on port 8 connected to UTM & connected laptop with wireshark to port 7
3. disconnected UTM & connected laptop with wireshark to port 8

https://drive.google.com/drive/folders/1ask6ijSsU_xlTqYUDDNmQZTseEHeoPMb?usp=sharing

Best regards

  0  
  0  
#5
Options