Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Nickel

Is that possible to bypass LACP in CheckPoint with Bridge mode?

Dear All,

 

Due to some reasons, we need to have below design:

 

Both Cisco switches have the LACP group 3 mode active for Port7 and Port8.

 

And we have two A-A clusters CPs with bridge mode [P1 and P2] trying to scan the LACP traffic.

 

We just find that both Cisco can not form the LACP now, any advice?

 

Without the CPs and if both Cisco directly connected [7<->7, 8<->8] the LACP will work back.

 

Question.JPG

 

SW1:

Question1.JPG

 

SW2:

Question2.JPG

 

 

 

0 Kudos
3 Replies
Highlighted

I don't think this is possible as LACP is negotiated by bridge/switch ports in a point to point fashion; you can't pass LACP generated by a switch port through a second switch/bridge to yet another port on a third switch, at least to my knowledge.  You'll need to set up LACP on the Gaia interfaces as well to make this work.

R80.40 addendum for book "Max Power 2020" now available
for free download at http://www.maxpowerfirewalls.com
Highlighted
Nickel

Well, I try to set up Bonds on my two CPs.
Let say Bond1 and Bond2 are configured as a bridge.
Bond1 and Bond2 include P1 and P2 respectively.

I can then make the LACP up with failover but only the Master Unit CP1 connected wire, so there is no Load Balancing.

Appreciate it if I can let the slave CP unit line LACP up also.
0 Kudos
Highlighted
Nickel

Might I know if CP has command like "set l2forward enable" on Fortigate?
0 Kudos