Saturday, January 2, 2021

Topology help.. MLAG Core, A/P Fortigates and VRF Routing...

Hello,

We're deploying a new network infrastructure as part of a building move and settled on MLAG L2 for the Core and Access switches, which we were going to LAG into a pair of Fortigates in Active/Passive for segregation and routing at L3 from there.

BUT, the gateways are now going to sit on the Core switches (a pair of Arista 7050SX3s) and we're going to connect L3 to the Fortigates for 2 VRFs (Prod and DMZ) for segregation.

How do I configure the transit VLAN interfaces on the MLAG switches? Would we use LACP to the firewalls still? Do I need a VLAN interface on the Aristas, or, as the transit VLANs are trunked up to the Fortigates, can I just have one interface per VLAN on the Fortigates?!

Can anyone point me in a direction? This feels like me misunderstanding some fundamentals... as usual..!


