Cisco Support Community
New Member

Fortigate Firewall and Cisco 4503 Full Mesh Setup

Dear All,

I have a new project coming up which includes 2 Fortigate Firewalls and 2 Cisco 4503 switches, all operating in a full mesh mode.

The Fortigate HA cluster would be operating in Active-Active mode.

On the Fortigates, I have created an 802.3ad Interface and added Ports 3, 4, 5, 6 to it. The aggregate interface uses a single IP address.

I have attached a network schematic showing how the Firewall-Switch connections need to be set up.

The interfaces marked in RED belong to a single Aggregate Interface on the Firewall.

Similarly, the interfaces marked with BLUE are a single Aggregate Interface, but it's a logical Interface with multiple VLANs running under it.

The servers would be directly connected to each of the CORE switches.

First of all, please tell me if this kind of setup is possible with the Cisco 4503 or not, and if it's possible, do I need to add all the ports to the same PORT-CHANNEL group or different ones?

Also, should the two switches be interconnected using an Ethernet link?

I am trying to find the right Cisco documentation regarding Virtual Clustering on the 4503 but haven't come across the right article yet.

I wonder if I should be searching for Virtual Clustering or Stacking, because I am pretty new to this kind of setup.

The basic idea behind this approach is to have greater bandwidth plus redundant connections.
