Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
204
Views
0
Helpful
2
Replies

Firewall MAC dropping from core and populating on access switch

mutafis94
Level 1
Level 1

‎12-04-2023 07:53 PM

Hey all, I’ll keep it short and sweet. We have an Aruba core hanging off a fortigate firewall, router on a stick fashion. Then some dumb L2 Netgear switches. We are having a huge issue where the MAC entry for the fortigate, on the core, is dropping from the mac-table and randonly populating on some access switch. This is a loop free network.

 Here’s the weird thing, it’s only 1 vlan that is causing this issue. When VLAN 200 is tagged on the trunk between core > access switch, the vlan 200 goes on the Fritz, when removed, all is well. Super super confused here. We are running MST with 1 instance. 

0 Helpful
2 Replies 2

mutafis94
Level 1
Level 1

‎12-04-2023 07:57 PM

We need this on the core “show mac-address-table”

<FW-mac> - 1/1/1 

But we are getting 

<FW-mac> - 1/1/16-18 

wherever we tag vlan 200 over the trunk, it’s goes back to 1/1/1 when we remove it from trunks to said switches. 

0 Helpful

pieterh
VIP
VIP
In response to mutafis94

‎12-05-2023 05:54 AM - edited ‎12-05-2023 05:56 AM

I read Aruba / Fortigate / Netgear...
you are aware that this is a Cisco support forum ?

of course there is more knowledge present then only cisco equipment, but there are limitations.

My guess is the "dumb L2 Netgear switches" cannot handle the "VLAN 200 tagged" packets
they will treat the tagged packets as if the are send on the default vlan , so here two vlans get mixed up
=> for tagged packets you cannot use dumb switches!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card