Cannot make uplink to FortiGate VLANs working.
Hi!
Please help, I'm out of ideas.
I have a FortiGate UTM with VLANs on ports 1,2 (LAG) and I want to connect Access Points primarily through a TL-SG108PE switch. I connect a computer for testing and in no case am I able to connect to any of the networks.
The network diagram is as simple as it gets:
This setup worked very well for me on a Cisco sg350x switch, which I want to replace with a smaller switch because we are getting rid of the cables.
I'm adding the configuration from Cisco, which works correctly (here the uplink port is 1).
What could be the problem?
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi @mjrstefan
Thanks for posting in our business forum.
8 is the uplink?
I reviewed the switch and the config looks good to me.
What's the setting on the FG? The interfaces included in the LAG and they are tagged on 1 and 2 ports?
- Copy Link
- Report Inappropriate Content
Hi @Clive_A!
Thanks for your response.
Yes, port 8 on the TL-SG108PE is the uplink to the FG.
On the FG, ports 1 and 2 are combined in LAG1 to which all VLANs are assigned. When taking this screenshot, I have the TP-Link plugged into port 1, and Cisco is plugged into port 2, and on the latter, the network works as expected. However, on the TP-Link, I am not getting an IP address from DHCP - neither on untagged port 5 VLAN 100 nor on 7 VLAN 254. Even if I set the addresses manually, I cannot connect to the gateway.
I'm a bit confused and I don't know what to do next.
Do you have any ideas on how to carry out further diagnostics, what else could I check?
- Copy Link
- Report Inappropriate Content
Hi @mjrstefan
Thanks for posting in our business forum.
mjrstefan wrote
Hi @Clive_A!
Thanks for your response.Yes, port 8 on the TL-SG108PE is the uplink to the FG.
On the FG, ports 1 and 2 are combined in LAG1 to which all VLANs are assigned. When taking this screenshot, I have the TP-Link plugged into port 1, and Cisco is plugged into port 2, and on the latter, the network works as expected. However, on the TP-Link, I am not getting an IP address from DHCP - neither on untagged port 5 VLAN 100 nor on 7 VLAN 254. Even if I set the addresses manually, I cannot connect to the gateway.
I'm a bit confused and I don't know what to do next.
Do you have any ideas on how to carry out further diagnostics, what else could I check?
Strange enough.
Can you Wireshark to see how the VLAN works on the uplink 8?
- Copy Link
- Report Inappropriate Content
Hi @Clive_A
I am not sure what we want to observe, so I have captured 3 scenarios:
1. uplink on port 8 connected to UTM & connected laptop with wireshark to port 5
2. uplink on port 8 connected to UTM & connected laptop with wireshark to port 7
3. disconnected UTM & connected laptop with wireshark to port 8
https://drive.google.com/drive/folders/1ask6ijSsU_xlTqYUDDNmQZTseEHeoPMb?usp=sharing
Best regards
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 128
Replies: 4
Voters 0
No one has voted for it yet.