Our two cisco firewalls (Cisco ASA on firepower, active/standby) are currently connected to two Catalyst 6509s.
We want to move these firewalls to Nexus 9500s.
When we connected ASA ports to Nexus, the ports on nexus showed "connected" but the ports on the firewall appeared down. Bouncing ports on either side did not help. Taking ports out of port-channels and bouncing them did not help either. Rebooted the standby firewall to see if its ports connect, but it did not work.
Opened a case with Cisco. They checked the nexus side and the firewall side, but did not find any misconfigurations or issues.
Here is a list of troubleshooting steps I completed today, but nothing worked.
set the Nexus side to the Port-channel configuration. Reboot the firewall.
Remove vlan configuration from two ports on N9Ks. Bounce ports on both sides (Nexus and FW).
remove the port-channel config nexus Remove FW ports from port-channel and assign them to a logical device. Bounce ports
shut ports on both sides. Apply lacp graceful-convergence on nexus side. Enable Nexus ports. Enable FW. Lacp ports become suspended. FW ports are still down.
I attached a diagram example of one firewall and it's two ports being connected to both nexuses. I am currently working on troubleshooting connectivity of two firewall ports (standby firewall) to two nexuses.
Hi all, we've been using a hardware version of the ACI Simulator for quite some time and really grew fond of it for testing automation solutions we developed for our production fabric. Recently we decided to switch to VM. Our Production-Fabric runs o...
Hello, We would like to change the airflow direction (and thus the fan module) on a CISCO C3850-24-XS-S switch.Is it possible on this type of switch ? We have also seen that the CISCO C3850-48-XS-S had two fan modules (FAN-T3-R= & FAN-T3-F=)...
Hello ACI Gurus. I am currently migrating a two sets of Palo Alto Physical firewalls directly counted to old Cisco 6509 switches to ACI. The way current environment is communicating between ACI and legacy 6509 switches is via a L2 link with a S...