GS724T - can't get VLANs to work over LAG connected to Fortigate

chrisn7599
Aspirant

Greetings,

I have a GS724Tv4 that I can't get VLANs to work for using a LAG interface to a Fortigate firewall and am looking for assistance.

  • The GS724T has ports 23-24 configured as LACP and the Fortigate has ports 2-3 configured as an 802.3ad aggregate.
  • I have two ethernet cables connecting ports 23-24 of the switch to ports 2-3 on the Fortigate.
  • The LAG interface on the GS724T shows that the link is up.
  • I have a VLAN-204 with DHCP running on the Fortigate LAG at 192.168.2.65.
  • I have a VLAN-204 set up on the switch with ports 7-9 marked as untagged members and the LAG marked as a tagged member.
  • I have a PC plugged into port 9 with an IP address of 192.168.2.67 but I cannot ping the Fortigate 192.168.2.65 address.

It appears that the switch is not passing traffic from port 9 to the LAG interface.

I see nothing wrong with the configuration and have reviewed the manual several times.

Can anyone give me any ideas of what I may have missed or how to troubleshoot this?

Thanks

Message 1 of 3

Accepted Solutions
schumaku
Guru

Re: GS724T - can't get VLANs to work over LAG connected to Fortigate


@chrisn7599 wrote:
  • I have a VLAN-204 set up on the switch with ports 7-9 marked as untagged members and the LAG marked as a tagged member.
  • I have a PC plugged into port 9 with an IP address of 192.168.2.67 but I cannot ping the Fortigate 192.168.2.65 address.

Have you set the PVID to 204 for the ports you intend to use as untagged access ports?

Message 2 of 3

chrisn7599
Aspirant

Re: GS724T - can't get VLANs to work over LAG connected to Fortigate

That was the issue. I had not set the PVID for the untagged ports. It is working now.

Thanks!

Message 3 of 3
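
Why the missing PVID broke the path, as an added example (not part of the original thread and not NETGEAR's code): a minimal model of 802.1Q ingress classification and egress tagging. It assumes the factory-default VLAN 1 with every port as an untagged member and treats each frame as flooded (as an ARP request would be); the port names and helper functions are hypothetical.

```python
"""Minimal model of 802.1Q ingress classification and egress tagging."""
from dataclasses import dataclass, field


@dataclass
class Port:
    name: str
    pvid: int = 1                                # VLAN assigned to untagged ingress frames
    untagged: set = field(default_factory=set)   # VLANs this port sends without a tag
    tagged: set = field(default_factory=set)     # VLANs this port sends with an 802.1Q tag


def forward(ports, in_port, frame_vid=None):
    """Flood one frame; return {egress port: VLAN ID on the wire, or None if untagged}."""
    # Ingress: a tagged frame keeps its VLAN ID, an untagged frame gets the port's PVID.
    vid = frame_vid if frame_vid is not None else ports[in_port].pvid
    out = {}
    for p in ports.values():
        if p.name == in_port:
            continue
        if vid in p.tagged:
            out[p.name] = vid        # leaves with an 802.1Q tag
        elif vid in p.untagged:
            out[p.name] = None       # leaves untagged
    return out


def one_way_vlans(port):
    """Untagged VLANs the port receives from but never sends into (PVID mismatch)."""
    return port.untagged - {port.pvid}


def build(access_pvid):
    """Ports 7-9 untagged in VLAN 204, LAG tagged in 204; VLAN 1 membership is assumed."""
    ports = {f"p{n}": Port(f"p{n}", pvid=access_pvid, untagged={1, 204}) for n in (7, 8, 9)}
    ports["lag"] = Port("lag", pvid=1, untagged={1}, tagged={204})
    return ports


if __name__ == "__main__":
    for pvid in (1, 204):
        sw = build(pvid)
        print(f"PVID {pvid}: PC on p9 -> {forward(sw, 'p9')}")
        print(f"PVID {pvid}: firewall, tag 204, on LAG -> {forward(sw, 'lag', 204)}")
        print(f"PVID {pvid}: p9 one-way VLANs -> {one_way_vlans(sw['p9'])}")
```

With the PVID left at 1, the PC's frames leave the LAG untagged in VLAN 1, so the firewall's VLAN-204 interface never sees them, while tagged replies from the firewall would still reach port 9. The same mismatch also means hosts intended for VLAN 204 are sending into the default VLAN.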