Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
168
Views
0
Helpful
2
Replies

VX-LAN SETUP

fmugambi
VIP
VIP

‎06-10-2025 12:19 AM

Hello Team, FAM!
Attached is my high-level topology between DCs, need help setting up vxlans, Please guide me ,

fmugambi_0-1749539923298.png

 

Labels:
0 Helpful
2 Replies 2

fmugambi
VIP
VIP

‎06-12-2025 12:28 AM

HI Team,
Any updates/help on this.

 

Thank you.

0 Helpful

Enes Simnica
Level 1
Level 1

‎06-13-2025 05:31 AM - edited ‎06-13-2025 05:32 AM

Hey man. As I was able to concentrate, coming from 16 hours of working nonstop. I tried to make the config as accurate as possible, even though 99% of my brain is shut down now, lool. Also, will try this on EVEng after some sleep... but here’s the precise config for your setup:

DC1 CORE SWITCH (ws-c3850-48T)

! Underlay (MPLS Link to DC2)  
interface Gig1/0/1  
 description MPLS_TO_DC2  
 no switchport  
 ip address 172.16.10.1 255.255.255.252  ! Your /30 link  
!  

! VXLAN Tunnel  
interface Tunnel1  
 description VXLAN_TO_DC2  
 tunnel source 172.16.10.1  
 tunnel destination 172.16.10.2  
 tunnel mode vxlan  
 vni 10000  ! Same VNI on both sides  
!  

! Overlay (Server VLAN)  
vlan 100  
 name DC1_SERVERS  
!  

interface Vlan100  
 description VXLAN_SERVERS_DC1  
 no shutdown  
 vxlan vni 10000  
!  

! FortiGate Connection  
interface Gig1/0/24  
 description TO_DC1_FW  
 switchport access vlan 100  
!  

! Static route to DC2 servers  
ip route 192.168.30.0 255.255.255.0 172.16.10.2
 

DC2 CORE SWITCH (ws-c3850-48T)

 
! Mirror config, just flip IPs  
interface Gig1/0/1  
 description MPLS_TO_DC1  
 no switchport  
 ip address 172.16.10.2 255.255.255.252  
!  

interface Tunnel1  
 description VXLAN_TO_DC1  
 tunnel source 172.16.10.2  
 tunnel destination 172.16.10.1  
 tunnel mode vxlan  
 vni 10000  
!  

vlan 100  
 name DC2_SERVERS  
!  

interface Vlan100  
 description VXLAN_SERVERS_DC2  
 no shutdown  
 vxlan vni 10000  
!  

interface Gig1/0/24  
 description TO_DC2_FW  
 switchport access vlan 100  
!  

ip route 192.168.40.0 255.255.255.0 172.16.10.1
 
But also, Fortigate tweaks, meaning config for Cross-DC routing...:

On DC1FW (192.168.40.1):

 
config router static
  edit 0
    set dst 192.168.30.0 255.255.255.0   # DC2's subnet
    set gateway 192.168.40.254            # DC1 core's VLAN100 IP
    set device "port1"                    # Replace with your FortiGate interface
  next
end

And for the:

DC2FW (192.168.30.1):

config router static
  edit 0
    set dst 192.168.40.0 255.255.255.0   # DC1's subnet
    set gateway 192.168.30.254            # DC2 core's VLAN100 IP
    set device "port1"                    # Replace with your FortiGate interface
  next
end

 If anything's wrong here, blame my sleep-deprived brain. it checked out hours ago loool!

Hope this helps man. 

 

-Enes

more Cisco?!
more Gym?!
0 Helpful
Customers Also Viewed These Support Documents