Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
asda
New Contributor

Created on ‎11-29-2023 09:55 PM

problem with HA monitored interface configuration for LACP interface

Technical Tip: Best practice HA monitored interface configuration for LACP interface that is used fo...

I had already seen this tip,and my device is fortigate 3240c,v5.4.10,build1220,180821 (GA)

I created two lacp groups.

port1 port2 port3 port4 for mgmt-channel and port5 port6 port7 port8 for inside-channel

But when i tried to config like the tip,It failed.

How can i monitor independent each ports,if this configuration is truely couldn'd be add.

Please give some advice,thank you very much.

my ha configuration,and i show which port i can addmy ha configuration,and i show which port i can add

my ha configuration,and show which port could be add,there is no port1-port8

微信图片_20231129170047.png

the error

 

 

 

Labels:
701
0 Kudos
7 REPLIES 7
AEK
SuperUser
SuperUser

Created on ‎12-03-2023 06:51 AM

You should be able to monitor independent interfaces this way:

set monitor port5 port6 port7 port8

However I think you shouldn't monitor theses interfaces, since if you have one interface down the link still work and you will have unnecessary node failover.

So usually when I have LACP I don't monitor it, since it is LACP and it's quite unlikely to fail, especially when it is connected with multi-chassis.

AEK
AEK
653
asda
New Contributor
In response to AEK

Created on ‎12-03-2023 05:30 PM

Hi AEK:

I have tried in this way,also can't be able.

And I monitor the individual interface because there is a bandwidth requirement. After the port is down, HA can switch to ensure stable bandwidth

 

640
0 Kudos
darisandy
Staff
Staff

Created on ‎12-03-2023 06:38 PM

It's also possible that this is because of the FortiOS version.

The KB article was written last year, 2022

But FortiOS version 5.4 is quite old, it was released on 2015

633
asda
New Contributor
In response to darisandy

Created on ‎12-03-2023 07:15 PM

Hi darisandy:

Is there any way without this artical that can monitor each port when the port down,the ha status will change.

thank you

625
0 Kudos
darisandy
Staff
Staff
In response to asda

Created on ‎12-03-2023 07:18 PM

Based on the available command you shared, I don't think it's possible.

Once the ports are member of LACP interface, most likely that older version can't refer to the physical port anymore.

623
AEK
SuperUser
SuperUser

Created on ‎12-04-2023 12:33 AM

Hi Asda

Otherwise try using automation stitches. It should be doable.

AEK
AEK
589
0 Kudos
asda
New Contributor
In response to AEK

Created on ‎12-04-2023 12:40 AM Edited on ‎12-04-2023 12:41 AM

It seems that my version does not support automation stitches🥲

But also thank for your advice.

587
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.