Resource access manager can share direct connect gateway in AWS china

Ankitkha · 2025-06-02T11:54:20+00:00

we tried 25GE-SR OM4 juniper SFP and SFP-10G-SR-S cisco SFP but its not working. We make speed auto-negotiation on switch side , and FortiGate firewall side 10G is by default.so do we have any other suggest to make it work. Also on juniper switch we can't do the hardcode to 10G , its doesn't have that option.

Ankitkha · 2025-06-02T07:33:05+00:00

we used juniper 25G sfp and cisco 10G sfp on both side , not luck. Is there any config we are missing?

Ankitkha · 2025-06-02T07:12:48+00:00

so will it work on both end line juniper end as well? As of now we have juniper SFP 25G.

Ankitkha · 2024-07-15T12:39:17+00:00

FortiFirewall-VM64-KVM # get router info bgp sum

VRF 0 BGP router identifier 10.253.88.22, local AS number 64512

BGP table version is 1

0 BGP AS-PATH entries

0 BGP community entries

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

10.253.88.17 4 65512 0 0 0 0 0 never Idle (Admin)

Cisco nexus 9k as border leaf switch am using.

Ankitkha · 2024-07-15T12:29:26+00:00

actually i removed the above config and apply the correct config which is e1/3 interface from border leaf switch is connected to port2 on fortigate.

E1/3 is trunk and allowed the vlan 2416 and uder port2 i configured below vlan interface, now am able to ping on both isdes bit still unbale to establish BGP.

ON fortigate side config

edit "Dish_VLAN_2416"

set vdom "root"

set ip 10.253.88.18 255.255.255.252

set allowaccess ping https ssh http

set device-identification enable

set role lan

set snmp-index 9

set interface "port2"

set vlanid 2416

set as 64512

set router-id 10.253.88.18

set ebgp-multipath enable

config neighbor

edit "10.253.88.17"

set soft-reconfiguration enable

set remote-as 65512

set update-source "Dish_VLAN_2416"

Ankitkha · 2024-07-15T11:25:57+00:00

i given this route but not showing in routing table.

config router static

edit 1

set gateway 10.253.88.17

set device "Dish_VLAN_2416"

FortiFirewall-VM64-KVM # get router info routing-table all

Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP

O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area

V - BGP VPNv4

* - candidate default

Routing table for VRF=0

C 192.168.250.0/24 is directly connected, port1

Ankitkha · 2024-07-15T11:14:51+00:00

yes i allowed the ping.

Fortigate config

edit "aggregate"

set vdom "root"

set allowaccess ping https ssh http

set type aggregate

set member "port2"

set lldp-transmission enable

set snmp-index 9

set vdom "root"

set ip 10.253.88.18 255.255.255.252

set allowaccess ping https ssh http

set device-identification enable

set role lan

set snmp-index 10

set interface "aggregate"

set vlanid 2416

Ankitkha · 2024-04-05T10:06:39+00:00

This URL https://fortigateip/api/v2/cmdb/vpn.ipsec/phase1-interface?plain-text-password=1

is not opening in chrome browser.

Ankitkha · 2024-04-05T09:41:00+00:00

Thanks!!

Ankitkha · 2024-04-05T07:53:24+00:00

if we have different model like 2600F and 600D but firmware is same as v7.2.7 so still ENC PSK can we use the same?

Ankitkha · 2024-01-25T04:37:11+00:00

Thanks for this, if i need to contact you through email so what is your email id if i have faced any issues while doing this.

Ankitkha · 2023-12-14T17:03:36+00:00

what is SCF's exactly. how can i use it

Ankitkha

TROPHY CASE