OSPF WITH LINK AGGREGATION BETWEEN Cisco & FortiGate

on

 

OSPF WITH LINK AGGREGATION BETWEEN Cisco & FortiGate



Figure 1: OSPF AREA 0 with Link Aggregation between Cisco & FortiGate

 

 

FortiGate Firewall Link Aggregation: -



Figure 2: FortiGate_7 Network Interface configured with 802.3ad (LACP)



Figure 3: FortiGate_5 Network Interface configured with 802.3ad (LACP)

FortiGate_5 Configuration

 Step 1: Click on 802.3ad Link Aggregation and go to edit

 

   Step 2: Giving the Name and selecting the ports inside the interface member and assign the IP Address.

 

FortiGate_7 Configuration

   Step 1:   Click on 802.3ad Link Aggregation and go to edit

   Step 2:   Giving the Name and selecting the ports inside the interface member and assign the IP Address.

 

Cisco Switch Link/Port Aggregation: -

Cisco_SW-2_Configuration

interface Port-channel16

 description ***Conneted_to_FortiGate_5***

 no switchport

 ip address 16.1.1.2 255.255.255.252

 

interface Port-channel17

 no switchport

 description ***Conneted_to_Cisco_SW-1***

 ip address 17.1.1.2 255.255.255.252

 

interface GigabitEthernet0/0

 no switchport

 description ***Conneted_to_FortiGate_5***

 no ip address

 negotiation auto

 channel-group 16 mode active

 

interface GigabitEthernet0/1

 no switchport

 description ***Conneted_to_FortiGate_5***

 no ip address

 negotiation auto

 channel-group 16 mode active

 

interface GigabitEthernet0/2

 no switchport

 description ***Conneted_to_Cisco_SW-1***

 no ip address

 negotiation auto

 channel-group 17 mode active

 

interface GigabitEthernet0/3

 no switchport

 description ***Conneted_to_Cisco_SW-1***

 no ip address

 negotiation auto

 channel-group 17 mode active 

Cisco_SW-1_Configuration

interface Port-channel16

 no switchport

 ip address 16.1.1.1 255.255.255.252

 

interface Port-channel18

 no switchport

 ip address 18.1.1.2 255.255.255.252

 

interface GigabitEthernet0/0

 no switchport

 no ip address

 negotiation auto

 channel-group 16 mode active

 

interface GigabitEthernet0/1

 no switchport

 no ip address

 negotiation auto

 channel-group 16 mode active

 

interface GigabitEthernet0/2

 no switchport

 no ip address

 negotiation auto

 channel-group 18 mode active

 

interface GigabitEthernet0/3

 no switchport

 no ip address

 negotiation auto

 channel-group 18 mode active

FortiGate Firewall OSPF Configuration: -

Figure 4: FortiGate_7 OSPF Routes



Figure 5: FortiGate_5 OSPF Routes

FortiGate_7 Configuration

   Step 3:  Go to Network on OSPF and assign the Router ID

   Step 4: Go to Areas click on “Create New” and give the OSPF Area in my Case 0.0.0.0



   Step 5: Go to Networks click on “Create New” and advertise your connected/Internal Networks



   Step 6: Go to Interfaces and click on “Create New”.

   Step 7: Give the Name and select the Interface with Matching Hello and Dead Interval



Note: In my case, Hello is 10 and Dead is 40 because I need to match with the Cisco. I have not added the Fortigate_5 OSPF as it is the same as FortiGate_7 only the subnets need to be changed.

 

 

 

Cisco Switch OSPF Configuration: -


Cisco_SW-1_Configuration

router ospf 18


 network 16.1.1.0 0.0.0.3 area 0

 network 18.1.1.0 0.0.0.3 area 0


Cisco_SW-2_Configuration

router ospf 18


 network 16.1.1.0 0.0.0.3 area 0

 network 17.1.1.0 0.0.0.3 area 0

Comments

Post a Comment